English
Français
Light
Dark
System

Alert System

Stay informed at all times
Create an account Open a free account Login Manage your alerts

Duo Authentication Proxy 2.4.19

CPE Details

Duo Authentication Proxy 2.4.19
duo
authentication_proxy
2.4.19
2021-05-27 16:49 +00:00
2021-05-27 16:51 +00:00
CPE NVD

Alerte pour un CPE

Stay informed of any changes for a specific CPE.
Alert management

CPE Name: cpe:2.3:a:duo:authentication_proxy:2.4.19:*:*:*:*:*:*:*

Informations

Vendor

duo

Product

authentication_proxy

Version

2.4.19

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2021-1492 2021-03-24 23:00 +00:00 The Duo Authentication Proxy installer prior to 5.2.1 did not properly validate file installation paths. This allows an attacker with local user privileges to coerce the installer to write to arbitrary privileged directories. If successful, an attacker can manipulate files used by Duo Authentication Proxy installer, cause Denial of Service (DoS) by deleting file(s), or replace system files to potentially achieve elevation of privileges. This is only exploitable during new installations, while the installer is running, and is not exploitable once installation has finished. Versions 5.2.1 of Duo Authentication Proxy installer addresses this issue.
7.1
HIGH

More information
Click on the button to the left (OFF), to authorize the inscription of cookie improving the functionalities of the site. Click on the button to the left (Accept all), to unauthorize the inscription of cookie improving the functionalities of the site.