CVE-2019-17445
22.11.2019, 18:15
An issue was discovered in Eracent EDA, EPA, EPM, EUA, FLW, and SUM Agent through 10.2.26. The agent executable, when installed for non-root operations (scanning), can be forced to copy files from the filesystem to other locations via Symbolic Link Following.
| Vendor | Product | Version |
|---|---|---|
| eracent | eda_agent | 𝑥 ≤ 10.2.26 |
| eracent | epa_agent | 𝑥 ≤ 10.2.26 |
| eracent | epm_agent | 𝑥 ≤ 10.2.26 |
| eracent | eua_agent | 𝑥 ≤ 10.2.26 |
| eracent | flw_agent | 𝑥 ≤ 10.2.26 |
| eracent | sum_agent | 𝑥 ≤ 10.2.26 |
𝑥
= Vulnerable software versions