CVE-2022-45304
EUVD-2022-4820329.11.2022, 02:15
Insecure permissions in Chocolatey Cmder package v1.3.20 and below grants all users in the Authenticated Users group write privileges for the path C:\tools\Cmder and all files located in that folder.Enginsight
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| chocolatey | chocolatey_cmder | 𝑥 ≤ 1.3.20 |
𝑥
= Vulnerable software versions
Common Weakness Enumeration