The Windows client in SAP Afaria 7.0.6398.0 uses weak permissions (Everyone: read and Everyone: write) for the install folder, which allows local users to gain privileges via a Trojan horse XeService.exe file.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
sap afaria 7.0.6398.0 |