Unrated severityNVD Advisory· Published Apr 18, 2019· Updated Nov 21, 2024
Cisco Directory Connector Search Order Hijacking Vulnerability
CVE-2019-1794
Description
A vulnerability in the search path processing of Cisco Directory Connector could allow an authenticated, local attacker to load a binary of their choosing. The vulnerability is due to uncontrolled search path elements. An attacker could exploit this vulnerability by placing a binary of their choosing earlier in the search path utilized by Cisco Directory Connector to locate and load required resources.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2(expand)+ 1 more
- (no CPE)
- (no CPE)range: 2.2
Patches
Vulnerability mechanics
References
2- tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190417-cdc-hijackmitrevendor-advisoryx_refsource_CISCO
- www.securityfocus.com/bid/108032mitrevdb-entryx_refsource_BID
News mentions
0No linked articles in our index yet.