CVE-2019-3999

Publication date

2020-02-25 18:15:03

Family

tenable

State

PUBLISHED

Description

Improper neutralization of special elements used in an OS command in Druva inSync Windows Client 6.5.0 allows a local, unauthenticated attacker to execute arbitrary operating system commands with SYSTEM privileges.