| Max CVSS | 3.7 | Min CVSS | 2.1 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2019-13033 | 2.1 |
In CISOfy Lynis 2.x through 2.7.5, the license key can be obtained by looking at the process list when a data upload is being performed. This license can be used to upload data to a central Lynis server. Although no data can be extracted by knowing t
|
27-01-2023 - 20:31 | 18-06-2020 - 18:15 | |
| CVE-2020-13882 | 3.7 |
CISOfy Lynis before 3.0.0 has Incorrect Access Control because of a TOCTOU race condition. The routine to check the log and report file permissions was not working as intended and could be bypassed locally. Because of the race, an unprivileged attack
|
07-11-2022 - 13:37 | 18-06-2020 - 18:15 |