VYPR
Unrated severityNVD Advisory· Published Jun 30, 2020· Updated Aug 4, 2024

CVE-2020-15397

CVE-2020-15397

Description

HylaFAX+ through 7.0.2 and HylaFAX Enterprise have scripts that execute binaries from directories writable by unprivileged users (e.g., locations under /var/spool/hylafax that are writable by the uucp account). This allows these users to execute code in the context of the user calling these binaries (often root).

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

7

Patches

Vulnerability mechanics

References

9

News mentions

0

No linked articles in our index yet.