vulnerability
Amazon Linux AMI: CVE-2019-13033: Security patch for lynis (ALAS-2020-1419)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 2 | (AV:L/AC:L/Au:N/C:P/I:N/A:N) | Jun 18, 2020 | Sep 1, 2020 | Sep 1, 2020 |
Severity
2
CVSS
(AV:L/AC:L/Au:N/C:P/I:N/A:N)
Published
Jun 18, 2020
Added
Sep 1, 2020
Modified
Sep 1, 2020
Description
In CISOfy Lynis 2.x through 2.7.5, the license key can be obtained by looking at the process list when a data upload is being performed. This license can be used to upload data to a central Lynis server. Although no data can be extracted by knowing the license key, it may be possible to upload the data of additional scans.
Solution
amazon-linux-upgrade-lynis
References
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.