.. Reminder for header structure:        
  Parts (H1)          : #################### with overline
  Chapters (H2)        : ******************** with overline
  Sections (H3)        : ====================
  Subsections (H4)    : --------------------
  Subsubsections (H5) : ^^^^^^^^^^^^^^^^^^^^
  Paragraphs (H6)      : """""""""""""""""""""

.. meta::
  :description: Security bulletin
  :keywords: WAPT, security, CVE, MITRE, CERT-FR, vulnerability, disclosure

#################
Security bulletin
#################

.. _CVE-2021-38608:

*****************************
WAPT-2021-01 : CVE-2021-38608
*****************************

* Brief: Insecure permission allows a user running as guest to escalate privileges.

* Announced: August 13, 2021.

* Impact: **High**.

* Products: WAPT Enterprise & Community.

* Impacted versions: WAPT Enterprise < 2.0.0.9450, WAPT Enterprise < 1.8.2.7373
  and WAPT Community < 1.8.2.7373.

* Description: Insecure permission allows guest OS users to escalate
  privileges via WAPT Agent.

* Reporter: Anass ANNOUR from the ORM/ITT&AC Risk Assessment Team, BNPParibas.

* Published CVE: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38608.
