According to the CVSS metric, user interaction is required (UI:R) and privileges required is low (PR:L). What does that mean for this vulnerability? An authorized attacker must be on the machine and monitoring for actions as a step to exploit the race condition. According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability? Successful exploitation of this vulnerability requires an attacker to win a race condition. How could an attacker exploit this vulnerability? A local attacker in the environment could exploit a race condition that allows a symlink attack when the victim user on the same system runs the nuget command. According to the CVSS metric, the attack vector is network (AV:N), and privilege required is low (PR:L). What is the target used in the context of the remote code execution? The attacker for this vulnerability could target the server accounts in an arbitrary or remote code execution. As an authenticated user, the attacker could attempt to trigger malicious code in the context of the server's account through a network call. The privilege requirement is low because the attacker needs to be authenticated as a normal user.
Kalle Niemitalo