发布时间: 2022年3月3日
修改时间: 2024年10月31日
Log in as a local user and run the curl command to access the local atune url interface to escalate the local privilege or modify any file. Authentication is not forcibly enabled in the default configuration.
| NVD | openEuler | |
|---|---|---|
| Confidentiality | High | High |
| Attack Vector | Local | Local |
| CVSS评分 | 7.8 | 7.8 |
| Attack Complexity | Low | Low |
| Privileges Required | Low | Low |
| Scope | Unchanged | Unchanged |
| Integrity | High | High |
| User Interaction | None | None |
| Availability | High | High |
| 公告名 | 概要 | 发布时间 |
|---|---|---|
| KylinSec-SA-2022-1052 | A-Tune security update | 2022年3月3日 |
| 产品 | 包 | 状态 |
|---|---|---|
| KY3.4-4A | A-Tune | Fixed |
| KY3.4-5A | A-Tune | Fixed |
