CVE-2018-16497
HIGHVersa Analytics - Privilege Escalation via Writable Root Cron Job Script
Title source: llmDescription
In Versa Analytics, the cron jobs are used for scheduling tasks by executing commands at specific dates and times on the server. If the job is run as the user root, there is a potential privilege escalation vulnerability. In this case, the job runs a script as root that is writable by users who are members of the versa group.
References (1)
Core 1
Core References
Third Party Advisory x_refsource_misc
https://hackerone.com/reports/1168194
Scores
CVSS v3
7.8
EPSS
0.0023
EPSS Percentile
13.5%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-269
Status
published
Products (1)
versa-networks/versa_analytics
Published
May 26, 2021
Tracked Since
Feb 18, 2026