Back
Scanning exclusion paths disclosure in BEST for Windows (VA-9380)
Publication date: May 18th, 2021
CVSS scrore:
4.0 - https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Affected vendors:
Bitdefender
Affected products:
Bitdefender Endpoint Security Tools for Windows
Vulnerability details:
An Improper Access Control vulnerability in the logging component of Bitdefender Endpoint Security Tools for Windows allows a regular user to learn the scanning exclusion paths. This issue affects Bitdefender Endpoint Security Tools for Windows versions prior to 6.6.23.320.
Additional details:
An automatic update to version 6.6.23.320 fixes the issue.