- Description
- Sygate Security Agent (SSA) in Sygate Secure Enterprise 3.5 through 4.1 does not prevent the security policy from being updated by unprivileged users, which allows local users to modify the policy by exporting the policy file, changing it, and importing it back into SSA.
- Source
- cve@mitre.org
- NVD status
- Modified
CVSS 2.0
- Type
- Primary
- Base score
- 4.6
- Impact score
- 6.4
- Exploitability score
- 3.9
- Vector string
- AV:L/AC:L/Au:N/C:P/I:P/A:P
- Hype score
- Not currently trending
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sygate_technologies:security_agent:3.5_build_2576:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FF8FEAEB-BF6C-4DDA-BA09-6C02F6A79C9B"
},
{
"criteria": "cpe:2.3:a:sygate_technologies:security_agent:3.5_build_2577:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "EC45414D-760E-4C63-A183-F2E4621EBC81"
},
{
"criteria": "cpe:2.3:a:sygate_technologies:security_agent:4.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4ABEC70D-9EC3-4C6A-B810-9514F3315045"
},
{
"criteria": "cpe:2.3:a:sygate_technologies:security_agent:4.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "10256DDB-895F-4F21-A275-DE5461410E9F"
}
],
"operator": "OR"
}
]
}
]