Vulnerabilities (CVE)

Filtered by vendor Magnicomp Subscribe
Filtered by product Sysinfo
Total 3 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2018-9310 2 Linux, Magnicomp 2 Linux Kernel, Sysinfo 2024-11-21 7.2 HIGH 7.8 HIGH
An issue was discovered in MagniComp SysInfo before 10-H82 if setuid root (the default). This vulnerability allows any local user on a Linux/UNIX system to run SysInfo and obtain a root shell, which can be used to compromise the local system.
CVE-2018-7268 3 Apple, Linux, Magnicomp 3 Mac Os X, Linux Kernel, Sysinfo 2024-11-21 4.9 MEDIUM 5.5 MEDIUM
MagniComp SysInfo before 10-H81, as shipped with BMC BladeLogic Automation and other products, contains an information exposure vulnerability in which a local unprivileged user is able to read any root (uid 0) owned file on the system, regardless of the file permissions. Confidential information such as password hashes (/etc/shadow) or other secrets (such as log files or private keys) can be leaked to the attacker. The vulnerability has a confidentiality impact, but has no direct impact on system integrity or availability.
CVE-2017-6516 1 Magnicomp 1 Sysinfo 2024-11-21 7.2 HIGH 6.7 MEDIUM
A Local Privilege Escalation Vulnerability in MagniComp's Sysinfo before 10-H64 for Linux and UNIX platforms could allow a local attacker to gain elevated privileges. Parts of SysInfo require setuid-to-root access in order to access restricted system files and make restricted kernel calls. This access could be exploited by a local attacker to gain a root shell prompt using the right combination of environment variables and command line arguments.