CVE-2024-23764

EPSS 0.03%
Veröffentlicht 08.02.2024 19:15:08
Zuletzt bearbeitet 15.05.2025 20:15:44
Quelle cve@mitre.org
Teams Watchlist Login
Unerledigt Login

Certain WithSecure products allow Local Privilege Escalation. This affects WithSecure Client Security 15 and later, WithSecure Server Security 15 and later, WithSecure Email and Server Security 15 and later, and WithSecure Elements Endpoint Protection 17 and later.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 5

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Withsecure ≫ Client Security Version15

Withsecure ≫ Server Security Version15

Withsecure ≫ Email And Server Security Version15

Withsecure ≫ Elements Endpoint Protection Version17

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.03%	0.07

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	6.7	0.8	5.9	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
134c704f-9b21-4f2e-91b3-4a467353bcc0	6.7	0.8	5.9	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

CWE-269 Improper Privilege Management

The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.

https://www.withsecure.com/en/support/security-advisories

Product

https://www.withsecure.com/en/support/security-advisories/cve-2024-23764

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2024-23764

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2024-23764

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2024-23764

EUVD