Unrated severityNVD Advisory· Published Oct 24, 2014· Updated May 6, 2026

CVE-2014-7298

Description

adsetgroups in Centrify Server Suite 2008 through 2014.1 and Centrify DirectControl 3.x through 4.2.0 on Linux and UNIX allows local users to read arbitrary files with root privileges by leveraging improperly protected setuid functionality.

Affected products

Centrify/Centrify Suite4 versions
cpe:2.3:a:centrify:centrify_suite:2008:*:*:*:*:*:*:*+ 3 more
- cpe:2.3:a:centrify:centrify_suite:2008:*:*:*:*:*:*:*
- cpe:2.3:a:centrify:centrify_suite:2012:*:*:*:*:*:*:*
- cpe:2.3:a:centrify:centrify_suite:2012.5:*:*:*:*:*:*:*
- cpe:2.3:a:centrify:centrify_suite:2014.1:*:*:*:*:*:*:*
Centrify/Directcontrol2 versions
cpe:2.3:a:centrify:directcontrol:3.0:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:centrify:directcontrol:3.0:*:*:*:*:*:*:*
- cpe:2.3:a:centrify:directcontrol:4.2.0:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000