Unrated severityNVD Advisory· Published Nov 30, 2021· Updated Aug 4, 2024
CVE-2021-44230
CVE-2021-44230
Description
PortSwigger Burp Suite Enterprise Edition before 2021.11 on Windows has weak file permissions for the embedded H2 database, which might lead to privilege escalation. This issue can be exploited by an adversary who has already compromised a valid Windows account on the server via separate means. In this scenario, the compromised account may have inherited read access to sensitive configuration, database, and log files.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- PortSwigger/Burp Suite Enterprise Editiondescription
- Range: <2021.11
Patches
Vulnerability mechanics
References
1- portswigger.net/burp/releases/enterprise-edition-2021-11mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.