CVE-2015-7967

Published: Mar 2, 2018Modified: Nov 21, 2024

7.8

Vector

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Exploitability: 1.8 / Impact: 5.9

Source: NVD

Description

SafeNet Authentication Service for Citrix Web Interface Agent uses a weak ACL for unspecified installation directories and executable modules, which allows local users to gain privileges by modifying an executable module.

Affected (1)

Products: Gemalto: Safenet Authentication Service For Citrix Web Interface Agent

Gemalto

1 product

Safenet Authentication Service For Citrix Web Interface Agent

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Gemalto Safenet Authentication Service For Citrix Web Interface Agent	All versions

Related CWEs

CWE-264

References (6)

https://labs.nettitude.com/blog/cve-2015-7596-through-cve-2015-7598-cve-2015-7961-through-cve-2015-7967-safenet-authentication-service-agent-vulnerabilities/

Source: cve@mitre.org

Third Party Advisory

https://labs.nettitude.com/wp-content/uploads/2016/03/160125-1-Gemalto-IDSS-Security-Bulletin-SAS-Agents-Privilege-Escalation.pdf

Source: cve@mitre.org

PatchThird Party Advisory

https://safenet.gemalto.com/technical-support/security-updates/

Source: cve@mitre.org

Vendor Advisory

https://labs.nettitude.com/blog/cve-2015-7596-through-cve-2015-7598-cve-2015-7961-through-cve-2015-7967-safenet-authentication-service-agent-vulnerabilities/

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

https://labs.nettitude.com/wp-content/uploads/2016/03/160125-1-Gemalto-IDSS-Security-Bulletin-SAS-Agents-Privilege-Escalation.pdf

Source: af854a3a-2127-422b-91ae-364da2661108

PatchThird Party Advisory

https://safenet.gemalto.com/technical-support/security-updates/

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.