Main Vulnerability Database Vulnerabilities #VU66179

Incorrect Privilege Assignment in Hestia Control Panel - CVE-2022-2626

Published: August 8, 2022

Vulnerability identifier: #VU66179

CSH Severity: Low

CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear

CVE-ID: CVE-2022-2626

CWE-ID: CWE-266

Exploitation vector: Remote access

Exploit availability: No public exploit available

Vulnerable software:
Hestia Control Panel

Software vendor:
Hestia Control Panel

Description

The vulnerability allows a remote administrator to escalate privileges on the system.

The vulnerability exists due to incorrect permission assignment in Ubuntu, which leads to security restrictions bypass and privilege escalation.

Install updates from vendor's website.