Cloud Agent
Approved changes feed: RSS · Atom
cpe:2.3:a:qualys:cloud_agent:*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | Qualys (e1377980-03f0-5785-b9ec-b92371704dec) |
|---|---|
| Product | Cloud Agent (7ad50ebe-70f0-5dee-9c1d-c36a0cda2c0b) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2023-28143 |
vulnerable | 2026-06-08 06:01:09.728806 |
Local Privilege Escalation
MEDIUM (6.7)
Qualys Cloud Agent for macOS (versions 2.5.1-75 before 3.7)
installer allows a local escalation of privilege bounded only to the time of
installation and only on older macOSX (macOS 10.15 and older) versions.
Attackers may exploit incorrect file permissions to give them ROOT command
execution privileges on the host. During the install of the PKG, a step in the
process involves extracting the package and copying files to several
directories. Attackers may gain writable access to files during the install of
PKG when extraction of the package and copying files to several directories,
enabling a local escalation of privilege.
Published: 2023-04-18T15:54:16.031Z
Updated: 2025-02-05T20:25:58.551Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-28142 |
vulnerable | 2026-06-08 06:01:09.728409 |
Race Condition
MEDIUM (6.7)
A Race Condition exists in the Qualys Cloud Agent for Windows
platform in versions from 3.1.3.34 and before 4.5.3.1. This allows attackers to
escalate privileges limited on the local machine during uninstallation of the
Qualys Cloud Agent for Windows. Attackers may gain SYSTEM level privileges on
that asset to run arbitrary commands.
At the time of this disclosure, versions before 4.0 are classified as End
of Life.
Published: 2023-04-18T15:51:58.344Z
Updated: 2025-03-03T19:22:08.808Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-28141 |
vulnerable | 2026-06-08 06:01:09.727959 |
NTFS Junction
MEDIUM (6.7)
An NTFS Junction condition exists in the Qualys Cloud Agent
for Windows platform in versions before 4.8.0.31. Attackers may write files to
arbitrary locations via a local attack vector. This allows attackers to assume
the privileges of the process, and they may delete or otherwise on unauthorized
files, allowing for the potential modification or deletion of sensitive files
limited only to that specific directory/file object. This vulnerability is
bounded to the time of installation/uninstallation and can only be exploited locally.
At the time of this disclosure, versions before 4.0 are
classified as End of Life.
Published: 2023-04-18T15:50:19.411Z
Updated: 2025-03-03T19:22:56.830Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-28140 |
vulnerable | 2026-06-08 06:01:09.726905 |
Executable Hijacking
MEDIUM (6.7)
An Executable Hijacking condition exists in the
Qualys Cloud Agent for Windows platform in versions before 4.5.3.1. Attackers
may load a malicious copy of a Dependency Link Library (DLL) via a local
attack vector instead of the DLL that the application was expecting, when
processes are running with escalated privileges. This vulnerability
is bounded only to the time of uninstallation and can only be exploited
locally.
At the time of this disclosure, versions before 4.0 are classified as End of
Life.
Published: 2023-04-18T15:47:37.719Z
Updated: 2025-02-26T19:23:20.308Z Reference links |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.