← Back

CVE-2020-36772

nvd nist
Published: Jan 22, 2024Modified: Jun 17, 2026

JSON object

Loading...
4.4
Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
Exploitability: 1.8 / Impact: 2.5
Source: NVD

Description

CloudLinux CageFS 7.0.8-2 or below insufficiently restricts file paths supplied to the sendmail proxy command. This allows local users to read and write arbitrary files of certain file formats outside the CageFS environment.

Affected (1)

Products: Cloudlinux: Cagefs
1 product
Cagefs
Configuration A
1 vulnerable
Vulnerable SoftwareAffected Versions
Before 7.1.1-1

Timeline

No history available yet.