{ "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2020-11498", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Slack Nebula through 1.1.0 contains a relative path vulnerability that allows a low-privileged attacker to execute code in the context of the root user via tun_darwin.go or tun_windows.go. A user can also use Nebula to execute arbitrary code in the user's own context, e.g., for user-level persistence or to bypass security controls. NOTE: the vendor states that this \"requires a high degree of access and other preconditions that are tough to achieve.\"" } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "url": "https://github.com/slackhq/nebula/pull/191", "refsource": "MISC", "name": "https://github.com/slackhq/nebula/pull/191" }, { "url": "http://www.pwn3d.org/posts/7918501-slack-nebula-relative-path-bug-bounty-disclosure", "refsource": "MISC", "name": "http://www.pwn3d.org/posts/7918501-slack-nebula-relative-path-bug-bounty-disclosure" } ] } }