CVE-2022-38699 – Armoury Crate Serviceâ€™s logging function has insufficient validation to …

28 September 2022

Vuln ID: CVE-2022-38699

Published: 2022-09-28 04:15:13Z

Description: Armoury Crate Serviceâ€™s logging function has insufficient validation to check if the log file is a symbolic link. A physical attacker with general user privilege can modify the log file property to a symbolic link that points to arbitrary system file, causing the logging function to overwrite the system file and disrupt the system.

Source: NVD.NIST.GOV

Date:

28 September 2022

Categorie(s):

NVD

Tag(s):

NVD

Appdome upgrades MOBILEBot Defense for tailored WAF integration25 April 2024
Cyber Attack Defenders Up For Battle: Huge Uptick In Timely Detections25 April 2024
BEC and Fund Transfer Fraud Top Insurance Claims25 April 2024
Fireblocks expands DeFi suite with threat detection features25 April 2024
Cyber Attack Defenders Up For Battle: Huge Uptick In Timely Attack Detections25 April 2024