CVE-2022-38777

EPSS 0.08%
Published 08.02.2023 21:15:10
Last modified 25.03.2025 15:15:14
Source bressers@elastic.co
Teams watchlist Login
Open Login

An issue was discovered in the rollback feature of Elastic Endpoint Security for Windows, which could allow unprivileged users to elevate their privileges to those of the LocalSystem account.

Affected products Warnungen 0 Metrics 3 CWE 1 References 5

Data is provided by the National Vulnerability Database (NVD)

Elastic ≫ Endgame Version < 3.62.3

Microsoft ≫ Windows Version-

Elastic ≫ Endpoint Security Version < 7.17.9

Microsoft ≫ Windows Version-

Elastic ≫ Endpoint Security Version >= 8.0.0 < 8.5.0

Microsoft ≫ Windows Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.08%	0.241

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	7.8	1.8	5.9	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
134c704f-9b21-4f2e-91b3-4a467353bcc0	7.8	1.8	5.9	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE-269 Improper Privilege Management

The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.

https://www.elastic.co/community/security

Vendor Advisory

https://discuss.elastic.co/t/elastic-7-17-9-8-5-0-and-8-6-1-security-update/324661

Vendor Advisory

Release Notes

https://nvd.nist.gov/vuln/detail/CVE-2022-38777

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2022-38777

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2022-38777

EUVD