Common Weakness Enumeration

CWE-269

Discouraged

Improper Privilege Management

Abstraction: Class · Status: Draft

The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.

5455 vulnerabilities reference this CWE, most recent first.

CVE-2024-2431 (GCVE-0-2024-2431)

Vulnerability from cvelistv5 – Published: 2024-03-13 17:51 – Updated: 2024-08-05 13:31
VLAI
Title
GlobalProtect App: Local User Can Disable GlobalProtect
Summary
An issue in the Palo Alto Networks GlobalProtect app enables a non-privileged user to disable the GlobalProtect app in configurations that allow a user to disable GlobalProtect with a passcode.
SSVC
Exploitation: none Automatable: no Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
  • CWE-269 - Improper Privilege Management
Assigner
References
Impacted products
Vendor Product Version
Palo Alto Networks GlobalProtect App Affected: 6.0 , < 6.0.4 (custom)
Affected: 5.1 , < 5.1.12 (custom)
Affected: 5.2 , < 5.2.13 (custom)
Affected: 6.1 , < 6.1.1 (custom)
Unaffected: 6.2
Create a notification for this product.
paloaltonetworks globalprotect Affected: 5.1 , < 5.1.12 (custom)
Affected: 5.2 , < 5.2.13 (custom)
Affected: 6.0.0 , < 6.0.4 (custom)
Affected: 6.1.0 , < 6.1.1 (custom)
Unaffected: 6.2.0
    cpe:2.3:a:paloaltonetworks:globalprotect:5.1:*:*:*:*:*:*:*
    cpe:2.3:a:paloaltonetworks:globalprotect:5.2:*:*:*:*:universal_windows_platform:*:*
    cpe:2.3:a:paloaltonetworks:globalprotect:6.0.0:*:*:*:*:universal_windows_platform:*:*
    cpe:2.3:a:paloaltonetworks:globalprotect:6.1.0:*:*:*:*:universal_windows_platform:*:*
    cpe:2.3:a:paloaltonetworks:globalprotect:6.2.0:*:*:*:*:windows:*:*
Create a notification for this product.
Date Public
2024-03-13 16:00
Credits
Palo Alto Networks thanks AIG Red Team and Stephen Collyer for discovering and reporting this issue.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-01T19:11:53.593Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://security.paloaltonetworks.com/CVE-2024-2431"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:paloaltonetworks:globalprotect:5.1:*:*:*:*:*:*:*",
              "cpe:2.3:a:paloaltonetworks:globalprotect:5.2:*:*:*:*:universal_windows_platform:*:*",
              "cpe:2.3:a:paloaltonetworks:globalprotect:6.0.0:*:*:*:*:universal_windows_platform:*:*",
              "cpe:2.3:a:paloaltonetworks:globalprotect:6.1.0:*:*:*:*:universal_windows_platform:*:*",
              "cpe:2.3:a:paloaltonetworks:globalprotect:6.2.0:*:*:*:*:windows:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "globalprotect",
            "vendor": "paloaltonetworks",
            "versions": [
              {
                "lessThan": "5.1.12",
                "status": "affected",
                "version": "5.1",
                "versionType": "custom"
              },
              {
                "lessThan": "5.2.13",
                "status": "affected",
                "version": "5.2",
                "versionType": "custom"
              },
              {
                "lessThan": "6.0.4",
                "status": "affected",
                "version": "6.0.0",
                "versionType": "custom"
              },
              {
                "lessThan": "6.1.1",
                "status": "affected",
                "version": "6.1.0",
                "versionType": "custom"
              },
              {
                "status": "unaffected",
                "version": "6.2.0"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-2431",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-03-15T15:20:30.083812Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-08-05T13:31:26.517Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "GlobalProtect App",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "changes": [
                {
                  "at": "6.0.4",
                  "status": "unaffected"
                }
              ],
              "lessThan": "6.0.4",
              "status": "affected",
              "version": "6.0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "5.1.12",
                  "status": "unaffected"
                }
              ],
              "lessThan": "5.1.12",
              "status": "affected",
              "version": "5.1",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "5.2.13",
                  "status": "unaffected"
                }
              ],
              "lessThan": "5.2.13",
              "status": "affected",
              "version": "5.2",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "6.1.1",
                  "status": "unaffected"
                }
              ],
              "lessThan": "6.1.1",
              "status": "affected",
              "version": "6.1",
              "versionType": "custom"
            },
            {
              "status": "unaffected",
              "version": "6.2"
            }
          ]
        }
      ],
      "configurations": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "This is an issue only if \"Allow User to Disable GlobalProtect App\" is set to \"Allow with Passcode\". You should check this setting in your firewall web interface (Network \u003e GlobalProtect \u003e Portals \u003e (portal-config) \u003e Agent \u003e (agent-config) \u003e App) and take the appropriate actions as needed."
            }
          ],
          "value": "This is an issue only if \"Allow User to Disable GlobalProtect App\" is set to \"Allow with Passcode\". You should check this setting in your firewall web interface (Network \u003e GlobalProtect \u003e Portals \u003e (portal-config) \u003e Agent \u003e (agent-config) \u003e App) and take the appropriate actions as needed."
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Palo Alto Networks thanks AIG Red Team and Stephen Collyer for discovering and reporting this issue."
        }
      ],
      "datePublic": "2024-03-13T16:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "An issue in the Palo Alto Networks GlobalProtect app enables a non-privileged user to disable the GlobalProtect app in configurations that allow a user to disable GlobalProtect with a passcode."
            }
          ],
          "value": "An issue in the Palo Alto Networks GlobalProtect app enables a non-privileged user to disable the GlobalProtect app in configurations that allow a user to disable GlobalProtect with a passcode."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue.\u003cbr\u003e"
            }
          ],
          "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue.\n"
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-269",
              "description": "CWE-269 Improper Privilege Management",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-03-13T17:51:17.735Z",
        "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "shortName": "palo_alto"
      },
      "references": [
        {
          "url": "https://security.paloaltonetworks.com/CVE-2024-2431"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "This issue is fixed in GlobalProtect app 5.1.12, GlobalProtect app 5.2.13, GlobalProtect app 6.0.4, GlobalProtect app 6.1.1, and all later GlobalProtect app versions.\u003cbr\u003e"
            }
          ],
          "value": "This issue is fixed in GlobalProtect app 5.1.12, GlobalProtect app 5.2.13, GlobalProtect app 6.0.4, GlobalProtect app 6.1.1, and all later GlobalProtect app versions.\n"
        }
      ],
      "source": {
        "defect": [
          "GPC-15349"
        ],
        "discovery": "EXTERNAL"
      },
      "timeline": [
        {
          "lang": "en",
          "time": "2024-03-13T16:00:00.000Z",
          "value": "Initial publication"
        }
      ],
      "title": "GlobalProtect App: Local User Can Disable GlobalProtect",
      "workarounds": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "You can mitigate this issue by setting \"Allow User to Disable GlobalProtect App\" to \"Disallow\" or \"Allow with Ticket.\"\u003cbr\u003e"
            }
          ],
          "value": "You can mitigate this issue by setting \"Allow User to Disable GlobalProtect App\" to \"Disallow\" or \"Allow with Ticket.\"\n"
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
    "assignerShortName": "palo_alto",
    "cveId": "CVE-2024-2431",
    "datePublished": "2024-03-13T17:51:17.735Z",
    "dateReserved": "2024-03-13T16:19:25.624Z",
    "dateUpdated": "2024-08-05T13:31:26.517Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-2390 (GCVE-0-2024-2390)

Vulnerability from cvelistv5 – Published: 2024-03-18 15:37 – Updated: 2024-08-21 14:42
VLAI
Title
Local Privilege Escalation
Summary
As a part of Tenable’s vulnerability disclosure program, a vulnerability in a Nessus plugin was identified and reported. This vulnerability could allow a malicious actor with sufficient permissions on a scan target to place a binary in a specific filesystem location, and abuse the impacted plugin in order to escalate privileges.
SSVC
Exploitation: none Automatable: no Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
  • CWE-269 - Improper Privilege Management
Assigner
References
Impacted products
Vendor Product Version
Tenable Nessus Agent Affected: 0 , < #202403142053 (custom)
Create a notification for this product.
Tenable Nessus Affected: 0 , < #202403142053 (custom)
Create a notification for this product.
tenable nessus_agent Affected: 0 , < #202403142053 (custom)
    cpe:2.3:a:tenable:nessus_agent:*:*:*:*:*:*:*:*
Create a notification for this product.
tenable nessus Affected: 0 , < #202403142053 (custom)
    cpe:2.3:a:tenable:nessus:*:*:*:*:*:*:*:*
Create a notification for this product.
Date Public
2024-03-15 19:00
Credits
Rich Sprigg (RythmStick)
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-01T19:11:53.526Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.tenable.com/security/tns-2024-05"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:tenable:nessus_agent:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "nessus_agent",
            "vendor": "tenable",
            "versions": [
              {
                "lessThan": "#202403142053",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:tenable:nessus:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "nessus",
            "vendor": "tenable",
            "versions": [
              {
                "lessThan": "#202403142053",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-2390",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-08-21T14:01:06.803959Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-08-21T14:42:09.885Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "affected",
          "modules": [
            "Nessus Feed"
          ],
          "product": "Nessus Agent",
          "vendor": "Tenable",
          "versions": [
            {
              "lessThan": "#202403142053",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "modules": [
            "Nessus Feed"
          ],
          "product": "Nessus",
          "vendor": "Tenable",
          "versions": [
            {
              "lessThan": "#202403142053",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Rich Sprigg (RythmStick)"
        }
      ],
      "datePublic": "2024-03-15T19:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\n\nAs a part of Tenable\u2019s vulnerability disclosure program, a vulnerability in a Nessus plugin was identified and reported. This vulnerability could allow a malicious actor with sufficient permissions on a scan target to place a binary in a specific filesystem location, and abuse the impacted plugin in order to escalate privileges.\n\n\u003cp\u003e\u003c/p\u003e"
            }
          ],
          "value": "\nAs a part of Tenable\u2019s vulnerability disclosure program, a vulnerability in a Nessus plugin was identified and reported. This vulnerability could allow a malicious actor with sufficient permissions on a scan target to place a binary in a specific filesystem location, and abuse the impacted plugin in order to escalate privileges.\n\n"
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-233",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-233 Privilege Escalation"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-269",
              "description": "CWE-269 Improper Privilege Management",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-03-18T15:37:44.698Z",
        "orgId": "5ac1ecc2-367a-4d16-a0b2-35d495ddd0be",
        "shortName": "tenable"
      },
      "references": [
        {
          "url": "https://www.tenable.com/security/tns-2024-05"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\n\nTenable has released updates to plugins to resolve the issue. The updates have been distributed via the Tenable plugin feed in feed serial numbers equal to or greater than #202403142053.\n\n\u003cbr\u003e"
            }
          ],
          "value": "\nTenable has released updates to plugins to resolve the issue. The updates have been distributed via the Tenable plugin feed in feed serial numbers equal to or greater than #202403142053.\n\n"
        }
      ],
      "source": {
        "advisory": "TNS-2024-05",
        "discovery": "EXTERNAL"
      },
      "title": "Local Privilege Escalation ",
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "5ac1ecc2-367a-4d16-a0b2-35d495ddd0be",
    "assignerShortName": "tenable",
    "cveId": "CVE-2024-2390",
    "datePublished": "2024-03-18T15:37:44.698Z",
    "dateReserved": "2024-03-11T22:31:40.629Z",
    "dateUpdated": "2024-08-21T14:42:09.885Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-2297 (GCVE-0-2024-2297)

Vulnerability from cvelistv5 – Published: 2025-02-27 05:23 – Updated: 2026-04-08 17:23
VLAI
Title
Bricksbuilder <= 1.9.6.1 - Authenticated (Contributor+) Privilege Escalation via create_autosave
Summary
The Bricks theme for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 1.9.6.1. This is due to insufficient validation checks placed on the create_autosave AJAX function. This makes it possible for authenticated attackers, with contributor-level access and above, to execute arbitrary PHP code with elevated (administrator-level) privileges. NOTE: Successful exploitation requires (1) the Bricks Builder to be enabled for posts (2) Builder access to be enabled for contributor-level users, and (3) "Code Execution" to be enabled for administrator-level users within the theme's settings.
SSVC
Exploitation: none Automatable: no Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
  • CWE-269 - Improper Privilege Management
Assigner
Impacted products
Vendor Product Version
Bricks Builder Bricks Affected: 0 , ≤ 1.9.6.1 (semver)
Create a notification for this product.
Credits
Emil Trägårdh
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-2297",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-02-27T18:41:06.434361Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-02-27T18:41:18.031Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Bricks",
          "vendor": "Bricks Builder",
          "versions": [
            {
              "lessThanOrEqual": "1.9.6.1",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Emil Tr\u00e4g\u00e5rdh"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "The Bricks theme for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 1.9.6.1. This is due to insufficient validation checks placed on the create_autosave AJAX function. This makes it possible for authenticated attackers, with contributor-level access and above, to execute arbitrary PHP code with elevated (administrator-level) privileges. NOTE: Successful exploitation requires (1) the Bricks Builder to be enabled for posts (2) Builder access to be enabled for contributor-level users, and (3) \"Code Execution\" to be enabled for administrator-level users within the theme\u0027s settings."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-269",
              "description": "CWE-269 Improper Privilege Management",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-04-08T17:23:24.076Z",
        "orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
        "shortName": "Wordfence"
      },
      "references": [
        {
          "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/cb075e85-75fc-4008-8270-4d1064ace29e?source=cve"
        },
        {
          "url": "https://bricksbuilder.io/release/bricks-1-9-7/"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2025-02-26T00:00:00.000Z",
          "value": "Disclosed"
        }
      ],
      "title": "Bricksbuilder \u003c= 1.9.6.1 - Authenticated (Contributor+) Privilege Escalation via create_autosave"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
    "assignerShortName": "Wordfence",
    "cveId": "CVE-2024-2297",
    "datePublished": "2025-02-27T05:23:05.572Z",
    "dateReserved": "2024-03-07T18:05:08.201Z",
    "dateUpdated": "2026-04-08T17:23:24.076Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2024-2228 (GCVE-0-2024-2228)

Vulnerability from cvelistv5 – Published: 2024-03-22 15:50 – Updated: 2024-08-01 19:03
VLAI
Title
IdentityIQ Authorization of QuickLink Target Identities Vulnerability
Summary
This vulnerability allows an authenticated user to perform a Lifecycle Manager flow or other QuickLink for a target user outside of the defined QuickLink Population.
SSVC
Exploitation: none Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-269 - Improper Privilege Management
Assigner
References
Impacted products
Vendor Product Version
SailPoint IdentityIQ Affected: 8.1 , < 8.1p7 (semver)
Affected: 8.2 , < 8.2p7 (semver)
Affected: 8.3 , < 8.3p4 (semver)
Affected: 8.4 , < 8.4p1 (semver)
Create a notification for this product.
Date Public
2024-03-21 15:43
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-2228",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-03-22T18:33:57.066222Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-07-05T17:21:16.762Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-01T19:03:39.121Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.sailpoint.com/security-advisories/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unknown",
          "product": "IdentityIQ",
          "vendor": "SailPoint",
          "versions": [
            {
              "lessThan": "8.1p7",
              "status": "affected",
              "version": "8.1",
              "versionType": "semver"
            },
            {
              "lessThan": "8.2p7",
              "status": "affected",
              "version": "8.2",
              "versionType": "semver"
            },
            {
              "lessThan": "8.3p4",
              "status": "affected",
              "version": "8.3",
              "versionType": "semver"
            },
            {
              "lessThan": "8.4p1",
              "status": "affected",
              "version": "8.4",
              "versionType": "semver"
            }
          ]
        }
      ],
      "datePublic": "2024-03-21T15:43:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "This vulnerability allows an authenticated user to perform a Lifecycle Manager flow or other QuickLink for a target user outside of the defined QuickLink Population."
            }
          ],
          "value": "This vulnerability allows an authenticated user to perform a Lifecycle Manager flow or other QuickLink for a target user outside of the defined QuickLink Population."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-1",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-1 Accessing Functionality Not Properly Constrained by ACLs"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-269",
              "description": "CWE-269 Improper Privilege Management",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-03-22T15:50:09.729Z",
        "orgId": "2cfc7547-56a0-4049-8b52-c3078e8a8719",
        "shortName": "SailPoint"
      },
      "references": [
        {
          "url": "https://www.sailpoint.com/security-advisories/"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "IdentityIQ Authorization of QuickLink Target Identities Vulnerability",
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "2cfc7547-56a0-4049-8b52-c3078e8a8719",
    "assignerShortName": "SailPoint",
    "cveId": "CVE-2024-2228",
    "datePublished": "2024-03-22T15:50:09.729Z",
    "dateReserved": "2024-03-06T17:01:59.959Z",
    "dateUpdated": "2024-08-01T19:03:39.121Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-2005 (GCVE-0-2024-2005)

Vulnerability from cvelistv5 – Published: 2024-03-05 18:54 – Updated: 2024-08-29 17:10
VLAI
Title
SAML implementation allows privilege escalation
Summary
In Blue Planet® products through 22.12, a misconfiguration in the SAML implementation allows for privilege escalation. Only products using SAML authentication are affected. Blue Planet® has released software updates that address this vulnerability for the affected products. Customers are advised to upgrade their Blue Planet products to the latest software version as soon as possible. The software updates can be downloaded from the Ciena Support Portal.
SSVC
Exploitation: none Automatable: no Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
  • CWE-269 - Improper Privilege Management
Assigner
References
Impacted products
Vendor Product Version
Blue Planet Inventory (BPI) Affected: early versions , ≤ 22.12 (custom)
Unaffected: 21.10 MR11
Unaffected: 22.02 MR5
Unaffected: 22.08 MR4
Create a notification for this product.
Blue Planet Orchestration (BPO) Affected: early versions , ≤ 22.12 (custom)
Unaffected: 22.02.03
Unaffected: 22.08.05
Unaffected: 22.12.02
Create a notification for this product.
Blue Planet Route Optimization and Analysis (ROA) Affected: early versions , ≤ 22.12 (custom)
Unaffected: 22.02.P01.11-R
Unaffected: 22.08.P01.1-R
Unaffected: 22.12.P01.2.1-R
Create a notification for this product.
Blue Planet Unified Assurance and Analytics (UAA) Affected: early versions , ≤ 22.12 (custom)
Unaffected: 22.02 MR5
Unaffected: 22.12 MR2
Create a notification for this product.
blueplanet orchestration Affected: 0 , ≤ 22.12 (custom)
Unaffected: 22.02.03
Unaffected: 22.08.05
Unaffected: 22.12.02
    cpe:2.3:a:blueplanet:orchestration:*:*:*:*:*:*:*:*
Create a notification for this product.
blueplanet route_optimization_and_analysis Affected: 0 , ≤ 22.12 (custom)
Unaffected: 22.02.p01.11-r
Unaffected: 22.08.p01.1-r
Unaffected: 22.12.p01.2.1-r
    cpe:2.3:a:blueplanet:route_optimization_and_analysis:*:*:*:*:*:*:*:*
Create a notification for this product.
blueplanet inventory Affected: 0 , ≤ 22.12 (custom)
Unaffected: 21.10_mr11
Unaffected: 22.02_mr5
Unaffected: 22.08_mr4
    cpe:2.3:a:blueplanet:inventory:*:*:*:*:*:*:*:*
Create a notification for this product.
blueplanet unified_assurance_and_analytics Affected: 0 , ≤ 22.12 (custom)
Unaffected: 22.02_mr5
Unaffected: 22.12_mr2
    cpe:2.3:a:blueplanet:unified_assurance_and_analytics:*:*:*:*:*:*:*:*
Create a notification for this product.
Date Public
2024-03-04 17:07
Credits
Discovered by Prerit Chandok at Comcast
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-01T18:56:22.708Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.ciena.com/product-security"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:blueplanet:orchestration:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "orchestration",
            "vendor": "blueplanet",
            "versions": [
              {
                "lessThanOrEqual": "22.12",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              },
              {
                "status": "unaffected",
                "version": "22.02.03"
              },
              {
                "status": "unaffected",
                "version": "22.08.05"
              },
              {
                "status": "unaffected",
                "version": "22.12.02"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:blueplanet:route_optimization_and_analysis:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "route_optimization_and_analysis",
            "vendor": "blueplanet",
            "versions": [
              {
                "lessThanOrEqual": "22.12",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              },
              {
                "status": "unaffected",
                "version": "22.02.p01.11-r"
              },
              {
                "status": "unaffected",
                "version": "22.08.p01.1-r"
              },
              {
                "status": "unaffected",
                "version": "22.12.p01.2.1-r"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:blueplanet:inventory:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "inventory",
            "vendor": "blueplanet",
            "versions": [
              {
                "lessThanOrEqual": "22.12",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              },
              {
                "status": "unaffected",
                "version": "21.10_mr11"
              },
              {
                "status": "unaffected",
                "version": "22.02_mr5"
              },
              {
                "status": "unaffected",
                "version": "22.08_mr4"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:blueplanet:unified_assurance_and_analytics:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "unified_assurance_and_analytics",
            "vendor": "blueplanet",
            "versions": [
              {
                "lessThanOrEqual": "22.12",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              },
              {
                "status": "unaffected",
                "version": "22.02_mr5"
              },
              {
                "status": "unaffected",
                "version": "22.12_mr2"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-2005",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-08-29T16:53:33.497826Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-08-29T17:10:16.253Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Inventory (BPI)",
          "vendor": "Blue Planet",
          "versions": [
            {
              "lessThanOrEqual": " 22.12",
              "status": "affected",
              "version": " early versions ",
              "versionType": "custom"
            },
            {
              "status": "unaffected",
              "version": " 21.10 MR11"
            },
            {
              "status": "unaffected",
              "version": " 22.02 MR5"
            },
            {
              "status": "unaffected",
              "version": " 22.08 MR4"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Orchestration (BPO)",
          "vendor": "Blue Planet",
          "versions": [
            {
              "lessThanOrEqual": " 22.12",
              "status": "affected",
              "version": " early versions ",
              "versionType": "custom"
            },
            {
              "status": "unaffected",
              "version": " 22.02.03"
            },
            {
              "status": "unaffected",
              "version": " 22.08.05"
            },
            {
              "status": "unaffected",
              "version": " 22.12.02"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Route Optimization and Analysis (ROA)",
          "vendor": "Blue Planet",
          "versions": [
            {
              "lessThanOrEqual": " 22.12",
              "status": "affected",
              "version": " early versions ",
              "versionType": "custom"
            },
            {
              "status": "unaffected",
              "version": " 22.02.P01.11-R"
            },
            {
              "status": "unaffected",
              "version": " 22.08.P01.1-R"
            },
            {
              "status": "unaffected",
              "version": " 22.12.P01.2.1-R"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Unified Assurance and Analytics (UAA) ",
          "vendor": "Blue Planet",
          "versions": [
            {
              "lessThanOrEqual": " 22.12",
              "status": "affected",
              "version": " early versions ",
              "versionType": "custom"
            },
            {
              "status": "unaffected",
              "version": " 22.02 MR5"
            },
            {
              "status": "unaffected",
              "version": " 22.12 MR2"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Discovered by Prerit Chandok at Comcast"
        }
      ],
      "datePublic": "2024-03-04T17:07:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003e\n\n\u003c/p\u003e\u003cp\u003eIn Blue Planet\u00ae  products through 22.12, a misconfiguration in the SAML implementation allows for privilege escalation. Only products using SAML authentication are affected.\u003cbr\u003e\u003cbr\u003eBlue Planet\u00ae has released software updates that address this vulnerability for the affected products. Customers are advised to upgrade their Blue Planet products to the latest software version as soon as possible. The software updates can be downloaded from the Ciena Support Portal.\u003cbr\u003e\u003c/p\u003e\n\n\u003cbr\u003e\u003cp\u003e\u003c/p\u003e\n\n\n\n\n\n"
            }
          ],
          "value": "\nIn Blue Planet\u00ae  products through 22.12, a misconfiguration in the SAML implementation allows for privilege escalation. Only products using SAML authentication are affected.\n\nBlue Planet\u00ae has released software updates that address this vulnerability for the affected products. Customers are advised to upgrade their Blue Planet products to the latest software version as soon as possible. The software updates can be downloaded from the Ciena Support Portal.\n\n"
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-233",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-233 Privilege Escalation"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-269",
              "description": "CWE-269 Improper Privilege Management",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-04-03T16:34:59.282Z",
        "orgId": "7bd90cf1-1651-495e-9ae8-9415fb3c9feb",
        "shortName": "Ciena"
      },
      "references": [
        {
          "url": "https://www.ciena.com/product-security"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\n\nSoftware patch to be applied\u003cbr\u003e"
            }
          ],
          "value": "\nSoftware patch to be applied\n"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "SAML implementation allows privilege escalation",
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "7bd90cf1-1651-495e-9ae8-9415fb3c9feb",
    "assignerShortName": "Ciena",
    "cveId": "CVE-2024-2005",
    "datePublished": "2024-03-05T18:54:00.839Z",
    "dateReserved": "2024-02-29T11:16:19.384Z",
    "dateUpdated": "2024-08-29T17:10:16.253Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-2003 (GCVE-0-2024-2003)

Vulnerability from cvelistv5 – Published: 2024-06-21 07:20 – Updated: 2024-08-01 18:56
VLAI
Title
Local Privilege Escalation in Quarantine of ESET products for Windows
Summary
Local privilege escalation vulnerability allowed an attacker to misuse ESET's file operations during a restore operation from quarantine.
SSVC
Exploitation: none Automatable: no Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
  • CWE-269 - Improper Privilege Management
Assigner
References
Impacted products
Vendor Product Version
ESET, spol. s r.o. ESET NOD32 Antivirus Affected: 0 , < 1610 (custom)
Create a notification for this product.
ESET, spol. s r.o. ESET Internet Security Affected: 0 , < 1610 (custom)
Create a notification for this product.
ESET, spol. s r.o. ESET Smart Security Premium Affected: 0 , < 1610 (custom)
Create a notification for this product.
ESET, spol. s r.o. ESET Security Ultimate Affected: 0 , < 1610 (custom)
Create a notification for this product.
ESET, spol. s r.o. ESET Small Business Security Affected: 0 , < 1610 (custom)
Create a notification for this product.
ESET, spol. s r.o. ESET Safe Server Affected: 0 , < 1610 (custom)
Create a notification for this product.
ESET, spol. s r.o. ESET Endpoint Antivirus for Windows Affected: 0 , < 1610 (custom)
Create a notification for this product.
ESET, spol. s r.o. ESET Endpoint Security for Windows Affected: 0 , < 1610 (custom)
Create a notification for this product.
ESET, spol. s r.o. ESET Server Security for Windows Server Affected: 0 , < 1610 (custom)
Create a notification for this product.
ESET, spol. s r.o. ESET Mail Security for Microsoft Exchange Server Affected: 0 , < 1610 (custom)
Create a notification for this product.
ESET, spol. s r.o. ESET Mail Security for IBM Domino Affected: 0 , < 1610 (custom)
Create a notification for this product.
ESET, spol. s r.o. ESET Security for Microsoft SharePoint Server Affected: 0 , < 1610 (custom)
Create a notification for this product.
ESET, spol. s r.o. ESET File Security for Microsoft Azure Affected: 0 , < 1610 (custom)
Create a notification for this product.
eset internet_security Affected: 0 , < 1610 (custom)
    cpe:2.3:a:eset:safe_server:-:*:*:*:*:*:*:*
    cpe:2.3:a:eset:file_security:-:*:*:*:*:azure:*:*
    cpe:2.3:a:eset:security:-:*:*:*:*:sharepoint_server:*:*
    cpe:2.3:a:eset:mail_security:-:*:*:*:*:domino:*:*
    cpe:2.3:a:eset:server_security:-:*:*:*:*:windows_server:*:*
    cpe:2.3:a:eset:endpoint_security:-:*:*:*:*:windows:*:*
    cpe:2.3:a:eset:endpoint_antivirus:-:*:*:*:*:windows:*:*
    cpe:2.3:a:eset:smart_security:-:*:*:*:business:*:*:*
    cpe:2.3:a:eset:security:-:*:*:*:ultimate:*:*:*
    cpe:2.3:a:eset:smart_security:-:*:*:*:premium:*:*:*
    cpe:2.3:a:eset:nod32:-:-:*:*:*:*:*:*
    cpe:2.3:a:eset:internet_security:-:*:*:*:*:*:*:*
Create a notification for this product.
Date Public
2024-06-20 10:00
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:eset:safe_server:-:*:*:*:*:*:*:*",
              "cpe:2.3:a:eset:file_security:-:*:*:*:*:azure:*:*",
              "cpe:2.3:a:eset:security:-:*:*:*:*:sharepoint_server:*:*",
              "cpe:2.3:a:eset:mail_security:-:*:*:*:*:domino:*:*",
              "cpe:2.3:a:eset:server_security:-:*:*:*:*:windows_server:*:*",
              "cpe:2.3:a:eset:endpoint_security:-:*:*:*:*:windows:*:*",
              "cpe:2.3:a:eset:endpoint_antivirus:-:*:*:*:*:windows:*:*",
              "cpe:2.3:a:eset:smart_security:-:*:*:*:business:*:*:*",
              "cpe:2.3:a:eset:security:-:*:*:*:ultimate:*:*:*",
              "cpe:2.3:a:eset:smart_security:-:*:*:*:premium:*:*:*",
              "cpe:2.3:a:eset:nod32:-:-:*:*:*:*:*:*",
              "cpe:2.3:a:eset:internet_security:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "internet_security",
            "vendor": "eset",
            "versions": [
              {
                "lessThan": "1610",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-2003",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-06-21T14:03:09.499428Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-21T14:18:48.023Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-01T18:56:22.634Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://support.eset.com/ca8674"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "modules": [
            "Antivirus and antispyware scanner module"
          ],
          "product": "ESET NOD32 Antivirus",
          "vendor": "ESET, spol. s r.o.",
          "versions": [
            {
              "lessThan": "1610",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "modules": [
            "Antivirus and antispyware scanner module"
          ],
          "product": "ESET Internet Security",
          "vendor": "ESET, spol. s r.o.",
          "versions": [
            {
              "lessThan": "1610",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "modules": [
            "Antivirus and antispyware scanner module"
          ],
          "product": "ESET Smart Security Premium",
          "vendor": "ESET, spol. s r.o.",
          "versions": [
            {
              "lessThan": "1610",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "modules": [
            "Antivirus and antispyware scanner module"
          ],
          "product": "ESET Security Ultimate",
          "vendor": "ESET, spol. s r.o.",
          "versions": [
            {
              "lessThan": "1610",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "modules": [
            "Antivirus and antispyware scanner module"
          ],
          "product": "ESET Small Business Security",
          "vendor": "ESET, spol. s r.o.",
          "versions": [
            {
              "lessThan": "1610",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "modules": [
            "Antivirus and antispyware scanner module"
          ],
          "product": "ESET Safe Server",
          "vendor": "ESET, spol. s r.o.",
          "versions": [
            {
              "lessThan": "1610",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "modules": [
            "Antivirus and antispyware scanner module"
          ],
          "product": "ESET Endpoint Antivirus for Windows",
          "vendor": "ESET, spol. s r.o.",
          "versions": [
            {
              "lessThan": "1610",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "modules": [
            "Antivirus and antispyware scanner module"
          ],
          "product": "ESET Endpoint Security for Windows",
          "vendor": "ESET, spol. s r.o.",
          "versions": [
            {
              "lessThan": "1610",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "modules": [
            "Antivirus and antispyware scanner module"
          ],
          "product": "ESET Server Security for Windows Server",
          "vendor": "ESET, spol. s r.o.",
          "versions": [
            {
              "lessThan": "1610",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "modules": [
            "Antivirus and antispyware scanner module"
          ],
          "product": "ESET Mail Security for Microsoft Exchange Server",
          "vendor": "ESET, spol. s r.o.",
          "versions": [
            {
              "lessThan": "1610",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "modules": [
            "Antivirus and antispyware scanner module"
          ],
          "product": "ESET Mail Security for IBM Domino",
          "vendor": "ESET, spol. s r.o.",
          "versions": [
            {
              "lessThan": "1610",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "modules": [
            "Antivirus and antispyware scanner module"
          ],
          "product": "ESET Security for Microsoft SharePoint Server",
          "vendor": "ESET, spol. s r.o.",
          "versions": [
            {
              "lessThan": "1610",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "modules": [
            "Antivirus and antispyware scanner module"
          ],
          "product": "ESET File Security for Microsoft Azure",
          "vendor": "ESET, spol. s r.o.",
          "versions": [
            {
              "lessThan": "1610",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "datePublic": "2024-06-20T10:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Local privilege escalation vulnerability allowed an attacker to misuse ESET\u0027s file operations during a restore operation from quarantine."
            }
          ],
          "value": "Local privilege escalation vulnerability allowed an attacker to misuse ESET\u0027s file operations during a restore operation from quarantine."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-233",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-233 Privilege Escalation"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.3,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-269",
              "description": "CWE-269 Improper Privilege Management",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-06-21T07:20:03.749Z",
        "orgId": "4a9b9929-2450-4021-b7b9-469a0255b215",
        "shortName": "ESET"
      },
      "references": [
        {
          "url": "https://support.eset.com/ca8674"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Local Privilege Escalation in Quarantine of ESET products for Windows",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "4a9b9929-2450-4021-b7b9-469a0255b215",
    "assignerShortName": "ESET",
    "cveId": "CVE-2024-2003",
    "datePublished": "2024-06-21T07:20:03.749Z",
    "dateReserved": "2024-02-29T10:37:14.649Z",
    "dateUpdated": "2024-08-01T18:56:22.634Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-1973 (GCVE-0-2024-1973)

Vulnerability from cvelistv5 – Published: 2024-03-25 21:27 – Updated: 2024-08-06 13:35
VLAI
Title
Elevation of privileges vulnerability
Summary
By leveraging the vulnerability, lower-privileged users of Content Manager can manipulate Content Manager clients to elevate privileges and perform unauthorized operations.
SSVC
Exploitation: none Automatable: no Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
  • CWE-269 - Improper Privilege Management
Assigner
References
Impacted products
Vendor Product Version
OpenText Secure Content Manager Affected: 10.0 , < <=23.4 (custom)
Create a notification for this product.
opentext secure_content_manager Affected: 10.0 , ≤ 23.4 (custom)
    cpe:2.3:a:opentext:secure_content_manager:*:*:*:*:*:*:*:*
Create a notification for this product.
Credits
Evan Pearce of CyberCX
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-01T18:56:22.550Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://portal.microfocus.com/s/article/KM000027861"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:opentext:secure_content_manager:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "secure_content_manager",
            "vendor": "opentext",
            "versions": [
              {
                "lessThanOrEqual": "23.4",
                "status": "affected",
                "version": "10.0",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-1973",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-08-06T13:32:31.130841Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-08-06T13:35:36.229Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "platforms": [
            "Windows"
          ],
          "product": "Secure Content Manager",
          "vendor": "OpenText",
          "versions": [
            {
              "lessThan": "\u003c=23.4",
              "status": "affected",
              "version": "10.0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "user": "00000000-0000-4000-9000-000000000000",
          "value": "Evan Pearce of CyberCX"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "By leveraging the vulnerability, lower-privileged users of Content Manager can manipulate Content Manager clients to elevate privileges and perform unauthorized operations. "
            }
          ],
          "value": "By leveraging the vulnerability, lower-privileged users of Content Manager can manipulate Content Manager clients to elevate privileges and perform unauthorized operations. "
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-233",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-233 Privilege Escalation"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-269",
              "description": "CWE-269 Improper Privilege Management",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-03-25T21:27:43.774Z",
        "orgId": "f81092c5-7f14-476d-80dc-24857f90be84",
        "shortName": "OpenText"
      },
      "references": [
        {
          "url": "https://portal.microfocus.com/s/article/KM000027861"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Apply the following patch builds in your data center.\u003cbr\u003e\u003cbr\u003eSecure Content Manager 23.4 Patch 1: PH_215013 - \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://kmviewer.saas.microfocus.com/#/1566945\"\u003eContent Manager 23.4 Patch 1 Build 111\u003c/a\u003e\u003cbr\u003eSecure Content Manager 23.3 Patch 1: PH_215044 - \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://kmviewer.saas.microfocus.com/#/1567049\"\u003eContent Manager 23.3 Patch 1 Build 434\u003c/a\u003e\u003cbr\u003eSecure Content Manager 10.1 Patch 5: PH_215040 - Content Manager 10.1 Patch 5 Release Build 1054\u003cbr\u003eSecure Content Manager 10.0 Patch 6: PH_215038 - Content Manager 10.0 Patch 6 Build 1402\u003cbr\u003e\u003cbr\u003e"
            }
          ],
          "value": "Apply the following patch builds in your data center.\n\nSecure Content Manager 23.4 Patch 1: PH_215013 -  Content Manager 23.4 Patch 1 Build 111 https://kmviewer.saas.microfocus.com/#/1566945 \nSecure Content Manager 23.3 Patch 1: PH_215044 -  Content Manager 23.3 Patch 1 Build 434 https://kmviewer.saas.microfocus.com/#/1567049 \nSecure Content Manager 10.1 Patch 5: PH_215040 - Content Manager 10.1 Patch 5 Release Build 1054\nSecure Content Manager 10.0 Patch 6: PH_215038 - Content Manager 10.0 Patch 6 Build 1402\n\n"
        }
      ],
      "source": {
        "discovery": "EXTERNAL"
      },
      "title": "Elevation of privileges vulnerability",
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f81092c5-7f14-476d-80dc-24857f90be84",
    "assignerShortName": "OpenText",
    "cveId": "CVE-2024-1973",
    "datePublished": "2024-03-25T21:27:43.774Z",
    "dateReserved": "2024-02-28T15:31:04.998Z",
    "dateUpdated": "2024-08-06T13:35:36.229Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-1908 (GCVE-0-2024-1908)

Vulnerability from cvelistv5 – Published: 2024-02-29 18:23 – Updated: 2024-08-05 15:06
VLAI
Title
Improper Privilege Management vulnerability was identified in GitHub Enterprise Server that allowed Privilege Escalation
Summary
An Improper Privilege Management vulnerability was identified in GitHub Enterprise Server that allowed an attacker to use the Enterprise Actions GitHub Connect download token to fetch private repository data. An attacker would require an account on the server instance with non-default settings for GitHub Connect. This vulnerability affected all versions of GitHub Enterprise Server prior to 3.12 and was fixed in versions 3.8.16, 3.9.11, 3.10.8, and 3.11.6. This vulnerability was reported via the GitHub Bug Bounty program. 
SSVC
Exploitation: none Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-269 - Improper Privilege Management
Assigner
Impacted products
Vendor Product Version
GitHub Enterprise Server Affected: 3.8.0 , < 3.8.16 (semver)
Affected: 3.9.0 , < 3.9.11 (semver )
Affected: 3.10.0 , < 3.10.8 (semver)
Affected: 3.11.0 , < 3.11.6 (semver)
Unaffected: 3.12.0
Create a notification for this product.
Date Public
2024-02-29 18:24
Credits
ahacker1
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-01T18:56:22.478Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://docs.github.com/en/enterprise-server@3.8/admin/release-notes/#3.8.16"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://docs.github.com/en/enterprise-server@3.9/admin/release-notes/#3.9.11"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://https://docs.github.com/en/enterprise-server@3.10/admin/release-notes#3.10.8"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://https://docs.github.com/en/enterprise-server@3.11/admin/release-notes#3.11.16"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-1908",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-08-05T15:05:35.509278Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-08-05T15:06:12.570Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "affected",
          "product": "Enterprise Server",
          "vendor": "GitHub",
          "versions": [
            {
              "changes": [
                {
                  "at": "3.8.16",
                  "status": "unaffected"
                }
              ],
              "lessThan": "3.8.16",
              "status": "affected",
              "version": "3.8.0",
              "versionType": "semver"
            },
            {
              "changes": [
                {
                  "at": "3.9.11",
                  "status": "unaffected"
                }
              ],
              "lessThan": "3.9.11",
              "status": "affected",
              "version": "3.9.0",
              "versionType": "semver "
            },
            {
              "changes": [
                {
                  "at": "3.10.8",
                  "status": "unaffected"
                }
              ],
              "lessThan": "3.10.8",
              "status": "affected",
              "version": "3.10.0",
              "versionType": "semver"
            },
            {
              "changes": [
                {
                  "at": "3.11.6",
                  "status": "unaffected"
                }
              ],
              "lessThan": "3.11.6",
              "status": "affected",
              "version": "3.11.0",
              "versionType": "semver"
            },
            {
              "status": "unaffected",
              "version": "3.12.0"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "user": "00000000-0000-4000-9000-000000000000",
          "value": "ahacker1"
        }
      ],
      "datePublic": "2024-02-29T18:24:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eAn Improper Privilege Management vulnerability\u0026nbsp;was identified in GitHub Enterprise Server that allowed an attacker to use the Enterprise Actions GitHub Connect download token to fetch private repository data. An attacker would require an account on the server instance with non-default settings for GitHub Connect. This vulnerability affected all versions of GitHub Enterprise Server prior to 3.12 and was fixed in versions 3.8.16, 3.9.11, 3.10.8, and 3.11.6. This vulnerability was reported via the GitHub Bug Bounty program.\u0026nbsp;\u003cbr\u003e\u003c/p\u003e"
            }
          ],
          "value": "An Improper Privilege Management vulnerability\u00a0was identified in GitHub Enterprise Server that allowed an attacker to use the Enterprise Actions GitHub Connect download token to fetch private repository data. An attacker would require an account on the server instance with non-default settings for GitHub Connect. This vulnerability affected all versions of GitHub Enterprise Server prior to 3.12 and was fixed in versions 3.8.16, 3.9.11, 3.10.8, and 3.11.6. This vulnerability was reported via the GitHub Bug Bounty program.\u00a0\n\n\n"
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-233",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-233 Privilege Escalation"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-269",
              "description": "CWE-269 Improper Privilege Management",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-02-29T18:23:21.156Z",
        "orgId": "82327ea3-741d-41e4-88f8-2cf9e791e760",
        "shortName": "GitHub_P"
      },
      "references": [
        {
          "url": "https://docs.github.com/en/enterprise-server@3.8/admin/release-notes/#3.8.16"
        },
        {
          "url": "https://docs.github.com/en/enterprise-server@3.9/admin/release-notes/#3.9.11"
        },
        {
          "url": "https://https://docs.github.com/en/enterprise-server@3.10/admin/release-notes#3.10.8"
        },
        {
          "url": "https://https://docs.github.com/en/enterprise-server@3.11/admin/release-notes#3.11.16"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Improper Privilege Management vulnerability was identified in GitHub Enterprise Server that allowed Privilege Escalation",
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "82327ea3-741d-41e4-88f8-2cf9e791e760",
    "assignerShortName": "GitHub_P",
    "cveId": "CVE-2024-1908",
    "datePublished": "2024-02-29T18:23:21.156Z",
    "dateReserved": "2024-02-26T21:18:16.296Z",
    "dateUpdated": "2024-08-05T15:06:12.570Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-1764 (GCVE-0-2024-1764)

Vulnerability from cvelistv5 – Published: 2024-03-05 21:35 – Updated: 2024-12-04 15:42
VLAI
Summary
Improper privilege management in Just-in-time (JIT) elevation module in Devolutions Server 2023.3.14.0 and earlier allows a user to continue using the elevated privilege even after the expiration under specific circumstances
SSVC
Exploitation: none Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-269 - Improper Privilege Management
Assigner
Impacted products
Vendor Product Version
Devolutions Server Affected: 0 , ≤ 2023.3.14.0 (custom)
Create a notification for this product.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-01T18:48:21.983Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://devolutions.net/security/advisories/DEVO-2024-0002"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "LOW",
              "baseScore": 7.6,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "LOW",
              "privilegesRequired": "LOW",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2024-1764",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-08-05T20:23:51.915244Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-12-04T15:42:58.365Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "modules": [
            "Just-in-time (JIT) elevation module"
          ],
          "product": "Server",
          "vendor": "Devolutions",
          "versions": [
            {
              "lessThanOrEqual": "2023.3.14.0",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cdiv\u003eImproper privilege management in Just-in-time (JIT) elevation module in Devolutions Server 2023.3.14.0 and earlier allows a user to continue using the elevated privilege even after the expiration under specific circumstances\u003cbr\u003e\u003c/div\u003e"
            }
          ],
          "value": "Improper privilege management in Just-in-time (JIT) elevation module in Devolutions Server 2023.3.14.0 and earlier allows a user to continue using the elevated privilege even after the expiration under specific circumstances\n\n\n"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-269",
              "description": "CWE-269 Improper Privilege Management",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-03-05T21:35:52.233Z",
        "orgId": "bfee16bd-18e6-446c-9a65-f5b2e3d89c23",
        "shortName": "DEVOLUTIONS"
      },
      "references": [
        {
          "url": "https://devolutions.net/security/advisories/DEVO-2024-0002"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "bfee16bd-18e6-446c-9a65-f5b2e3d89c23",
    "assignerShortName": "DEVOLUTIONS",
    "cveId": "CVE-2024-1764",
    "datePublished": "2024-03-05T21:35:52.233Z",
    "dateReserved": "2024-02-22T15:54:24.026Z",
    "dateUpdated": "2024-12-04T15:42:58.365Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-1575 (GCVE-0-2024-1575)

Vulnerability from cvelistv5 – Published: 2024-07-23 01:39 – Updated: 2024-08-01 18:40
VLAI
Summary
The improper privilege management vulnerability in the Zyxel WBE660S firmware version 6.70(ACGG.3) and earlier versions could allow an authenticated user to escalate privileges and download the configuration files on a vulnerable device.
SSVC
Exploitation: none Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-269 - Improper Privilege Management
Assigner
References
Impacted products
Vendor Product Version
Zyxel WBE660S firmware Affected: <= 6.70(ACGG.3)
Create a notification for this product.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-1575",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-07-23T13:18:17.536628Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-07-23T13:18:27.277Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-01T18:40:21.490Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-improper-privilege-management-vulnerability-in-aps-07-23-2024"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "WBE660S firmware",
          "vendor": "Zyxel",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c= 6.70(ACGG.3)"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "The improper privilege management vulnerability in the Zyxel WBE660S firmware version 6.70(ACGG.3) and earlier versions could allow an authenticated user to escalate privileges and download the configuration files on a vulnerable device."
            }
          ],
          "value": "The improper privilege management vulnerability in the Zyxel WBE660S firmware version 6.70(ACGG.3) and earlier versions could allow an authenticated user to escalate privileges and download the configuration files on a vulnerable device."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-269",
              "description": "CWE-269 Improper Privilege Management",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-07-23T01:39:53.232Z",
        "orgId": "96e50032-ad0d-4058-a115-4d2c13821f9f",
        "shortName": "Zyxel"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-improper-privilege-management-vulnerability-in-aps-07-23-2024"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "96e50032-ad0d-4058-a115-4d2c13821f9f",
    "assignerShortName": "Zyxel",
    "cveId": "CVE-2024-1575",
    "datePublished": "2024-07-23T01:39:53.232Z",
    "dateReserved": "2024-02-16T07:27:10.034Z",
    "dateUpdated": "2024-08-01T18:40:21.490Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Mitigation MIT-1
Architecture and Design Operation

Very carefully manage the setting, management, and handling of privileges. Explicitly manage trust zones in the software.

Mitigation MIT-48
Architecture and Design

Strategy: Separation of Privilege

Follow the principle of least privilege when assigning access rights to entities in a software system.

Mitigation MIT-49
Architecture and Design

Strategy: Separation of Privilege

Consider following the principle of separation of privilege. Require multiple conditions to be met before permitting access to a system resource.

CAPEC-122: Privilege Abuse

An adversary is able to exploit features of the target that should be reserved for privileged users or administrators but are exposed to use by lower or non-privileged accounts. Access to sensitive information and functionality must be controlled to ensure that only authorized users are able to access these resources.

CAPEC-233: Privilege Escalation

An adversary exploits a weakness enabling them to elevate their privilege and perform an action that they are not supposed to be authorized to perform.

CAPEC-58: Restful Privilege Elevation

An adversary identifies a Rest HTTP (Get, Put, Delete) style permission method allowing them to perform various malicious actions upon server data due to lack of access control mechanisms implemented within the application service accepting HTTP messages.