Stealth
CVE-2021-35056
MEDIUM
Severity by source
AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Lifecycle Timeline
1DescriptionNVD
Unisys Stealth 5.1 before 5.1.025.0 and 6.0 before 6.0.055.0 has an unquoted Windows search path for a scheduled task. An unintended executable might run.
AnalysisAI
Unisys Stealth 5.1 before 5.1.025.0 and 6.0 before 6.0.055.0 has an unquoted Windows search path for a scheduled task. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity.
Technical ContextAI
This vulnerability is classified under CWE-428. Unisys Stealth 5.1 before 5.1.025.0 and 6.0 before 6.0.055.0 has an unquoted Windows search path for a scheduled task. An unintended executable might run. Affected products include: Unisys Stealth. Version information: before 5.1.025.0.
RemediationAI
A vendor patch is available. Apply the latest security update as soon as possible. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.
In Unisys Stealth 3.4.x, 4.x and 5.x before 5.0.026, if certificate-based authorization is used without HTTPS, an endpoi
In Unisys Stealth (core) before 6.0.025.0, the Keycloak password is stored in a recoverable format that might be accessi
Unisys Stealth(core) before 4.0.134 stores passwords in a recoverable format. Rated high severity (CVSS 7.8), this vulne
Unisys Stealth 3.3 Windows endpoints before 3.3.016.1 allow local users to gain access to Stealth-enabled devices by lev
An issue discovered in Unisys Stealth 5.3.062.0 allows attackers to view sensitive information via the Enterprise Manage
Unisys Stealth (core) 5.x before 5.0.048.0, 5.1.x before 5.1.017.0, and 6.x before 6.0.037.0 stores passwords in a recov
Same weakness CWE-428 – Unquoted Search Path or Element
View allSame technique Information Disclosure
View allShare
External POC / Exploit Code
Leaving vuln.today