Unprivileged User Policy Modification Vulnerability in Sygate Security Agent

Unprivileged User Policy Modification Vulnerability in Sygate Security Agent

CVE-2005-1103 · MEDIUM Severity

AV:L/AC:L/AU:N/C:P/I:P/A:P

Sygate Security Agent (SSA) in Sygate Secure Enterprise 3.5 through 4.1 does not prevent the security policy from being updated by unprivileged users, which allows local users to modify the policy by exporting the policy file, changing it, and importing it back into SSA.

Learn more about our User Device Pen Test.