Vulnerability in Gwos Groundwork_monitor

CVE-2013-3500

The Foundation webapp admin interface in GroundWork Monitor Enterprise 6.7.0 uses the nagios account as the owner of writable files under /usr/local/groundwork, which allows context-dependent attackers to bypass intended filesystem restric…

EPSS: 0.024 (81.6th percentile) — read the EPSS interpretation.

Affected products

Gwos Groundwork_monitor — versions 6.7.0
N/a — versions n/a

Weakness classification (CWE)

CWE-264

References

cve@mitre.org (x_refsource_MISC)
cve@mitre.org (x_refsource_MISC)
VU#345260 (x_refsource_CERT-VN, US Government Resource, third-party-advisory)