CVE-2022-45306

Insecure permissions in Chocolatey Azure-Pipelines-Agent package v2.211.1 and below grants all users in the Authenticated Users group write privileges for the subfolder C:agent and all files located in that folder.
Configurations

Configuration 1

cpe:2.3:a:chocolatey:chocolatey_azure-pipelines-agent:*:*:*:*:*:*:*:*

Information

Published : 2022-11-29 02:15

Updated : 2022-12-01 05:01


NVD link : CVE-2022-45306

Mitre link : CVE-2022-45306

Products Affected
No products.
CWE