CVE-2017-14187

MEDIUM Year: 2017
CVSS v3 Score
6.2
Medium
CVSS v2 Score
7.2
High
Weakness Type
CWE-269
View all →

Vulnerability Description

A local privilege escalation and local code execution vulnerability in Fortinet FortiOS 5.6.0 to 5.6.2, 5.4.0 to 5.4.8, and 5.2 and below versions allows attacker to execute unauthorized binary program contained on an USB drive plugged into a FortiGate via linking the aforementioned binary program to a command that is allowed to be run by the fnsysctl CLI command.

Related Vulnerabilities

CVE-2022-22390

MEDIUM
CVSS:6.2(Medium)

IBM Db2 for Linux, UNIX and Windows 9.7, 10.1, 10.5, 11.1, and 11.5 may be vulnerable to an information disclosure caused by improper privilege management when table function is used. IBM X-Force ID: ...

CWE-2692022

CVE-2023-52543

MEDIUM
CVSS:6.2(Medium)

Permission verification vulnerability in the system module. Impact: Successful exploitation of this vulnerability will affect availability.

CWE-2692023

CVE-2024-23454

MEDIUM
CVSS:6.2(Medium)

Apache Hadoop’s RunJar.run() does not set permissions for temporary directory by default. If sensitive data will be present in this file, all the other local users may be able to view the content. Thi...

CWE-2692024

CVE-2024-33393

MEDIUM
CVSS:6.2(Medium)

An issue in spidernet-io spiderpool v.0.9.3 and before allows a local attacker to execute arbitrary code via a crafted command to get the token component.

CWE-2692024

CVE-2013-4867

MEDIUM
CVSS:6.3(Medium)

Electronic Arts Karotz Smart Rabbit 12.07.19.00 allows Python module hijacking

CWE-2692013

CVE-2017-11438

MEDIUM
CVSS:6.3(Medium)

GitLab Community Edition (CE) and Enterprise Edition (EE) before 9.0.11, 9.1.8, 9.2.8 allow an authenticated user with the ability to create a group to add themselves to any project that is inside a s...

CWE-2692017