A vulnerability has been identified in SINEC Security Monitor (All versions < V4.10.0). The affected application does not have proper authorization checks for the file_transfer feature in ssmctl-client command. This could allow an authenticated, lowly privileged local attacker to read or write to any file on server or sensor.
Get an AI-powered plain-language explanation of this vulnerability and remediation steps.
Login to generate AI explanationCVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
1 reference(s) from NVD