CloudLinux CageFS 7.1.1-1 or below passes the authentication token as a command line argument. In some configurations this allows local users to view the authentication token via the process list and gain code execution as another user.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: redhat

Published: 2024-01-22T13:53:35.745Z

Updated: 2024-08-04T17:37:07.145Z

Reserved: 2024-01-22T13:33:26.500Z

Link: CVE-2020-36771

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2024-01-22T14:15:07.530

Modified: 2024-11-21T05:30:16.320

Link: CVE-2020-36771

cve-icon Redhat

No data.