8.5
CVE-2024-43479
- EPSS 0.68%
- Veröffentlicht 10.09.2024 17:15:35
- Zuletzt bearbeitet 13.09.2024 14:38:13
- Quelle secure@microsoft.com
- CVE-Watchlists
- Unerledigt
LoginMicrosoft Power Automate Desktop Remote Code Execution Vulnerability
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Microsoft ≫ Power Automate SwPlatformwindows Version >= 2.41 < 2.41.178.24249
Microsoft ≫ Power Automate SwPlatformwindows Version >= 2.42 < 2.42.331.24249
Microsoft ≫ Power Automate SwPlatformwindows Version >= 2.43 < 2.43.249.24249
Microsoft ≫ Power Automate SwPlatformwindows Version >= 2.44 < 2.44.55.24249
Microsoft ≫ Power Automate SwPlatformwindows Version >= 2.45 < 2.45.404.24249
Microsoft ≫ Power Automate SwPlatformwindows Version >= 2.46 < 2.46.181.24249
Microsoft ≫ Power Automate SwPlatformwindows Version >= 2.47 < 2.47.119.24249
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.68% | 0.709 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| secure@microsoft.com | 8.5 | 1.8 | 6 |
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H
|
CWE-284 Improper Access Control
The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.