The %PROGRAMDATA%\1E\Client directory in 1E Client 5.0.0.745 and 4.1.0.267 allows remote authenticated users and local users to create and modify files in protected directories (where they would not normally have access to create or modify files) via the creation of a junction point to a system directory. This leads to partial privilege escalation.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2020-12-29T20:08:52
Updated: 2024-08-04T16:18:45.566Z
Reserved: 2020-10-22T00:00:00
Link: CVE-2020-27643
Vulnrichment
No data.
NVD
Status : Modified
Published: 2020-12-29T21:15:13.163
Modified: 2024-11-21T05:21:34.570
Link: CVE-2020-27643
Redhat
No data.