CVE-2021-36795

A permission issue in the Cohesity Linux agent may allow privilege escalation in version 6.5.1b to 6.5.1d-hotfix10, 6.6.0a to 6.6.0b-hotfix1. An underprivileged linux user, if certain environment criteria are met, can gain additional privileges.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.8 HIGH
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 14%
VendorProductVersion
cohesitylinux_agent
6.5.1b ≤
𝑥
≤ 6.5.1d
cohesitylinux_agent
6.6.0a ≤
𝑥
≤ 6.6.0b
cohesitylinux_agent
6.5.1d:d
cohesitylinux_agent
6.6.0b:b
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://github.com/cohesity/SecAdvisory/blob/master/CVE-2021-36795.md
https://github.com/cohesity/SecAdvisory/blob/master/CVE-2021-36795.md