Home > Vulnerability Database > WS-2023-0328

Mend.io Vulnerability Database

WS-2023-0328

Date: October 3, 2023

The crate please is vulnerable to privilege escalation using ioctls TIOCSTI and TIOCLINUX on systems where they are not disabled. This affects both the case where root wants to drop privileges as well when non-root wants to gain other privileges.

Language: RUST

Severity Score

4.6

Related Resources (2)

Url: https://rustsec.org/advisories/RUSTSEC-2023-0066.html

Url: https://www.mend.io/vulnerability-database/WS-2023-0328

Severity Score

4.6

Weakness Type (CWE)

Improper Privilege Management

CWE-269

CVSS v3.1

Base Score:	4.6
Attack Vector (AV):	LOCAL
Attack Complexity (AC):	LOW
Privileges Required (PR):	LOW
User Interaction (UI):	REQUIRED
Scope (S):	CHANGED
Confidentiality (C):	LOW
Integrity (I):	LOW
Availability (A):	NONE

Mend.io Vulnerability Database

We found results for “”

WS-2023-0328

Date: October 3, 2023

Language: RUST

Severity Score

Related Resources (2)

Severity Score

Weakness Type (CWE)

CVSS v3.1

Do you need more information?