CVE-2021-27892Improper Privilege Management in Tectia Client

CWE-269Improper Privilege Management3 documents3 sources
Severity
7.8HIGHNVD
EPSS
0.1%
top 84.20%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
SSH Tectia ClientSSH Tectia Server
Timeline
PublishedMar 15
Latest updateMay 24

Description

SSH Tectia Client and Server before 6.4.19 on Windows allow local privilege escalation. ConnectSecure on Windows is affected.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages2 packages

NVDssh/tectia_client< 6.4.19
NVDssh/tectia_server< 6.4.19

🔴Vulnerability Details

2
GHSA
GHSA-fr42-5phv-6f32: SSH Tectia Client and Server before 62022-05-24
CVEList
CVE-2021-27892: SSH Tectia Client and Server before 62021-03-15
CVE-2021-27892 — Improper Privilege Management | cvebase