CVE-2018-19666

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2018-19666
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-19666.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2018-19666
Published
2018-11-29T08:29:00.397Z
Modified
2026-04-10T04:09:05.294701Z
Severity
  • 7.8 (High) CVSS_V3 - CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Summary
[none]
Details

The agent in OSSEC through 3.1.0 on Windows allows local users to gain NT AUTHORITY\SYSTEM access via Directory Traversal by leveraging full access to the associated OSSEC server.

References

Affected packages

Git / github.com/ossec/ossec-hids

Affected ranges

Type
GIT
Repo
https://github.com/ossec/ossec-hids
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
897c7872535b185d912ad19eca18016496150474
Database specific 
{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "last_affected": "3.1.0"
        }
    ]
}
Type
GIT
Repo
https://github.com/wazuh/wazuh
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
9b679001aac629a3e8bef2591603db5990ecaa93
Database specific 
{
    "versions": [
        {
            "introduced": "1.0.0"
        },
        {
            "last_affected": "2.1.1"
        }
    ]
}

Affected versions

2.*
2.7-beta2
2.9.0-beta01
2.9.0-beta02
2.9.0-beta03
3.*
3.0.0
3.0beta01
3.0beta02
3.0beta03
3.0beta2
3.1.0
Other
OSSEC_HIDS_0_4
snapshot/20150112
v1_1_0
v_09
v_0_8
v2.*
v2.0
v2.1.0
v2.1.1
v2.5.0-beta1
v2.7
v2.7-beta1
v2.7.1
v2.8.0
v2.9.0beta05

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-19666.json"