CNNVD-202511-925 Information

CNNVD ID

CNNVD-202511-925

Related CVE

CVE-2025-43079

• CNNVD Published: 2025-11-10

Description (Chinese)

Qualys Cloud Agent是美国Qualys公司的一个轻量级应用程序。用于实时、全球可见性和响应的单一代理。 Qualys Cloud Agent存在安全漏洞，该漏洞源于未使用绝对路径且未清理$PATH环境变量，可能导致本地权限提升和任意命令执行。

Description (English)

Qualys Cloud Agent is a lightweight application for Qualys in the United States. Single agent for real time, global visibility and response. There is a security loophole in Qualys Cloud Agent, which stems from the non-use of absolute paths and the uncleaning of the $PATH environment variable, which may lead to local rights enhancement and arbitrary command execution.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Qualys

Published

2025-11-10

Last Modified

2026-02-24

References

https://www.qualys.com/security-advisories/cve-2025-43079