Vulnerabilities > CVE-2021-45008 - Improper Preservation of Permissions vulnerability in Plesk 18.0.37

CVSS 8.8 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

network

low complexity

plesk

CWE-281

NVD

Published: 2022-02-21

Updated: 2024-04-11

Summary

Plesk CMS 18.0.37 is affected by an insecure permissions vulnerability that allows privilege Escalation from user to admin rights. OTE: the vendor states that this is only a site-specific problem on websites of one or more Plesk users

Vulnerable Configurations

Part	Description	Count
Application	Plesk Plesk Plesk 18.0.37	1

Common Weakness Enumeration (CWE)

CWE-281 - Improper Preservation of Permissions

References

https://github.com/AS4mir/CVE-2021-45008/blob/main/README.md