CVE-2020-28169

Published December 24th, 2020

View on NVD ↗

CVSS v3

HIGH

CVSS v2

6.9

MEDIUM

Affected

PROJECTS

Description

The td-agent-builder plugin before 2020-12-18 for Fluentd allows attackers to gain privileges because the bin directory is writable by a user account, but a file in bin is executed as NT AUTHORITY\SYSTEM.

fluent/fluentd

Fluentd: Unified Logging Layer (project under CNCF)

GitHub

13.5K

fluent/fluent-package-builder

td-agent (Fluentd) Building and Packaging System

GitHub