CVE-2021-26557

When Octopus Tentacle is installed using a custom folder location, folder ACLs are not set correctly and could lead to an unprivileged user using DLL side-loading to gain privileged access.
Configurations

Configuration 1 (hide)

cpe:2.3:a:octopus:tentacle:*:*:*:*:*:*:*:*

History

21 Nov 2024, 05:56

Type Values Removed Values Added
References () https://advisories.octopus.com/adv/2021-02---Local-privilege-escalation-in-Octopus-Tentacle-%28CVE-2021-26557%29.1732870264.html - () https://advisories.octopus.com/adv/2021-02---Local-privilege-escalation-in-Octopus-Tentacle-%28CVE-2021-26557%29.1732870264.html -

07 Nov 2023, 03:31

Type Values Removed Values Added
References
  • {'url': 'https://advisories.octopus.com/adv/2021-02---Local-privilege-escalation-in-Octopus-Tentacle-(CVE-2021-26557).1732870264.html', 'name': 'https://advisories.octopus.com/adv/2021-02---Local-privilege-escalation-in-Octopus-Tentacle-(CVE-2021-26557).1732870264.html', 'tags': ['Vendor Advisory'], 'refsource': 'MISC'}
  • () https://advisories.octopus.com/adv/2021-02---Local-privilege-escalation-in-Octopus-Tentacle-%28CVE-2021-26557%29.1732870264.html -

Information

Published : 2021-10-07 01:15

Updated : 2024-11-21 05:56


NVD link : CVE-2021-26557

Mitre link : CVE-2021-26557

CVE.ORG link : CVE-2021-26557


JSON object : View

Products Affected

octopus

  • tentacle
CWE
CWE-426

Untrusted Search Path