CWE-269
Improper Privilege Management
The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.
CVE-2024-22145 (GCVE-0-2024-22145)
Vulnerability from cvelistv5 – Published: 2024-05-17 08:46 – Updated: 2026-04-28 16:09
VLAI
Title
WordPress InstaWP Connect plugin <= 0.1.0.8 - Arbitrary Option Update to Privilege Escalation vulnerability
Summary
Incorrect Privilege Assignment vulnerability in InstaWP InstaWP Connect instawp-connect.This issue affects InstaWP Connect: from n/a through <= 0.1.0.8.
Severity
8.8 (High)
CWE
- CWE-266 - Incorrect Privilege Assignment
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://patchstack.com/database/Wordpress/Plugin/… | vdb-entry |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| InstaWP | InstaWP Connect |
Affected:
0 , ≤ 0.1.0.8
(custom)
|
Date Public
2026-04-01 16:23
Credits
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:instawp:instawp_connect:*:*:*:*:*:wordpress:*:*"
],
"defaultStatus": "unknown",
"product": "instawp_connect",
"vendor": "instawp",
"versions": [
{
"lessThanOrEqual": "0.1.0.8",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-22145",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-20T19:49:25.560036Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:52:29.504Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T22:35:34.956Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vdb-entry",
"x_transferred"
],
"url": "https://patchstack.com/database/vulnerability/instawp-connect/wordpress-instawp-connect-plugin-0-1-0-8-arbitrary-option-update-to-privilege-escalation-vulnerability?_s_id=cve"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "instawp-connect",
"product": "InstaWP Connect",
"vendor": "InstaWP",
"versions": [
{
"changes": [
{
"at": "0.1.0.9",
"status": "unaffected"
}
],
"lessThanOrEqual": "0.1.0.8",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Majed Refaea | Patchstack Bug Bounty Program"
}
],
"datePublic": "2026-04-01T16:23:17.105Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Incorrect Privilege Assignment vulnerability in InstaWP InstaWP Connect instawp-connect.\u003cp\u003eThis issue affects InstaWP Connect: from n/a through \u003c= 0.1.0.8.\u003c/p\u003e"
}
],
"value": "Incorrect Privilege Assignment vulnerability in InstaWP InstaWP Connect instawp-connect.This issue affects InstaWP Connect: from n/a through \u003c= 0.1.0.8."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-266",
"description": "Incorrect Privilege Assignment",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-28T16:09:08.604Z",
"orgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"shortName": "Patchstack"
},
"references": [
{
"tags": [
"vdb-entry"
],
"url": "https://patchstack.com/database/Wordpress/Plugin/instawp-connect/vulnerability/wordpress-instawp-connect-plugin-0-1-0-8-arbitrary-option-update-to-privilege-escalation-vulnerability?_s_id=cve"
}
],
"title": "WordPress InstaWP Connect plugin \u003c= 0.1.0.8 - Arbitrary Option Update to Privilege Escalation vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"assignerShortName": "Patchstack",
"cveId": "CVE-2024-22145",
"datePublished": "2024-05-17T08:46:53.282Z",
"dateReserved": "2024-01-05T11:18:25.467Z",
"dateUpdated": "2026-04-28T16:09:08.604Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-22157 (GCVE-0-2024-22157)
Vulnerability from cvelistv5 – Published: 2024-05-17 08:47 – Updated: 2026-04-28 16:09
VLAI
Title
WordPress SalesKing plugin <= 1.6.15 - Unauthenticated Privilege Escalation vulnerability
Summary
Improper Privilege Management vulnerability in WebWizards SalesKing allows Privilege Escalation.This issue affects SalesKing: from n/a through 1.6.15.
Severity
9.8 (Critical)
CWE
- CWE-269 - Improper Privilege Management
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://patchstack.com/database/vulnerability/sal… | vdb-entry |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| WebWizards | SalesKing |
Affected:
n/a , ≤ 1.6.15
(custom)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-22157",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-17T16:45:36.515688Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:52:49.116Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T22:35:34.932Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vdb-entry",
"x_transferred"
],
"url": "https://patchstack.com/database/vulnerability/salesking/wordpress-salesking-plugin-1-6-15-unauthenticated-privilege-escalation-vulnerability?_s_id=cve"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SalesKing",
"vendor": "WebWizards",
"versions": [
{
"changes": [
{
"at": "1.6.30",
"status": "unaffected"
}
],
"lessThanOrEqual": "1.6.15",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Dave Jong (Patchstack)"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Improper Privilege Management vulnerability in WebWizards SalesKing allows Privilege Escalation.\u003cp\u003eThis issue affects SalesKing: from n/a through 1.6.15.\u003c/p\u003e"
}
],
"value": "Improper Privilege Management vulnerability in WebWizards SalesKing allows Privilege Escalation.This issue affects SalesKing: from n/a through 1.6.15."
}
],
"impacts": [
{
"capecId": "CAPEC-233",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-233 Privilege Escalation"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-269",
"description": "CWE-269 Improper Privilege Management",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-28T16:09:09.028Z",
"orgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"shortName": "Patchstack"
},
"references": [
{
"tags": [
"vdb-entry"
],
"url": "https://patchstack.com/database/vulnerability/salesking/wordpress-salesking-plugin-1-6-15-unauthenticated-privilege-escalation-vulnerability?_s_id=cve"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Update to 1.6.30 or a higher version."
}
],
"value": "Update to 1.6.30 or a higher version."
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "WordPress SalesKing plugin \u003c= 1.6.15 - Unauthenticated Privilege Escalation vulnerability",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"assignerShortName": "Patchstack",
"cveId": "CVE-2024-22157",
"datePublished": "2024-05-17T08:47:16.592Z",
"dateReserved": "2024-01-05T11:18:51.829Z",
"dateUpdated": "2026-04-28T16:09:09.028Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-22278 (GCVE-0-2024-22278)
Vulnerability from cvelistv5 – Published: 2024-08-02 00:59 – Updated: 2024-08-14 21:35
VLAI
Title
Harbor fails to validate the user permissions when updating project configurations
Summary
Incorrect user permission validation in Harbor <v2.9.5 and Harbor <v2.10.3 allows authenticated users to modify configurations.
Severity
6.4 (Medium)
CWE
- CWE-269 - Improper Privilege Management
Assigner
References
1 reference
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-22278",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-02T16:14:46.125656Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-02T16:15:02.950Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "harbor",
"vendor": "harbor",
"versions": [
{
"lessThan": "\u003cv2.9.5",
"status": "affected",
"version": "2.9.4",
"versionType": "custom"
},
{
"lessThan": "\u003cv2.10.3",
"status": "affected",
"version": "2.10.2",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Incorrect user permission validation in Harbor \u0026lt;v2.9.5 and Harbor \u0026lt;v2.10.3 allows authenticated users to modify configurations."
}
],
"value": "Incorrect user permission validation in Harbor \u003cv2.9.5 and Harbor \u003cv2.10.3 allows authenticated users to modify configurations."
}
],
"impacts": [
{
"capecId": "CAPEC-176",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-176 Configuration/Environment Manipulation"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-269",
"description": "CWE-269 Improper Privilege Management",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-14T21:35:37.751Z",
"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"shortName": "vmware"
},
"references": [
{
"url": "https://github.com/goharbor/harbor/security/advisories/GHSA-hw28-333w-qxp3"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Harbor fails to validate the user permissions when updating project configurations",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"assignerShortName": "vmware",
"cveId": "CVE-2024-22278",
"datePublished": "2024-08-02T00:59:55.313Z",
"dateReserved": "2024-01-08T18:43:18.959Z",
"dateUpdated": "2024-08-14T21:35:37.751Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-2228 (GCVE-0-2024-2228)
Vulnerability from cvelistv5 – Published: 2024-03-22 15:50 – Updated: 2024-08-01 19:03
VLAI
Title
IdentityIQ Authorization of QuickLink Target Identities Vulnerability
Summary
This vulnerability allows an authenticated user to perform a Lifecycle Manager flow or other QuickLink for a target user outside of the defined QuickLink Population.
Severity
7.1 (High)
CWE
- CWE-269 - Improper Privilege Management
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| SailPoint | IdentityIQ |
Affected:
8.1 , < 8.1p7
(semver)
Affected: 8.2 , < 8.2p7 (semver) Affected: 8.3 , < 8.3p4 (semver) Affected: 8.4 , < 8.4p1 (semver) |
Date Public
2024-03-21 15:43
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-2228",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-03-22T18:33:57.066222Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-05T17:21:16.762Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T19:03:39.121Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.sailpoint.com/security-advisories/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "IdentityIQ",
"vendor": "SailPoint",
"versions": [
{
"lessThan": "8.1p7",
"status": "affected",
"version": "8.1",
"versionType": "semver"
},
{
"lessThan": "8.2p7",
"status": "affected",
"version": "8.2",
"versionType": "semver"
},
{
"lessThan": "8.3p4",
"status": "affected",
"version": "8.3",
"versionType": "semver"
},
{
"lessThan": "8.4p1",
"status": "affected",
"version": "8.4",
"versionType": "semver"
}
]
}
],
"datePublic": "2024-03-21T15:43:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "This vulnerability allows an authenticated user to perform a Lifecycle Manager flow or other QuickLink for a target user outside of the defined QuickLink Population."
}
],
"value": "This vulnerability allows an authenticated user to perform a Lifecycle Manager flow or other QuickLink for a target user outside of the defined QuickLink Population."
}
],
"impacts": [
{
"capecId": "CAPEC-1",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-1 Accessing Functionality Not Properly Constrained by ACLs"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-269",
"description": "CWE-269 Improper Privilege Management",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-03-22T15:50:09.729Z",
"orgId": "2cfc7547-56a0-4049-8b52-c3078e8a8719",
"shortName": "SailPoint"
},
"references": [
{
"url": "https://www.sailpoint.com/security-advisories/"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "IdentityIQ Authorization of QuickLink Target Identities Vulnerability",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "2cfc7547-56a0-4049-8b52-c3078e8a8719",
"assignerShortName": "SailPoint",
"cveId": "CVE-2024-2228",
"datePublished": "2024-03-22T15:50:09.729Z",
"dateReserved": "2024-03-06T17:01:59.959Z",
"dateUpdated": "2024-08-01T19:03:39.121Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-2297 (GCVE-0-2024-2297)
Vulnerability from cvelistv5 – Published: 2025-02-27 05:23 – Updated: 2026-04-08 17:23
VLAI
Title
Bricksbuilder <= 1.9.6.1 - Authenticated (Contributor+) Privilege Escalation via create_autosave
Summary
The Bricks theme for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 1.9.6.1. This is due to insufficient validation checks placed on the create_autosave AJAX function. This makes it possible for authenticated attackers, with contributor-level access and above, to execute arbitrary PHP code with elevated (administrator-level) privileges. NOTE: Successful exploitation requires (1) the Bricks Builder to be enabled for posts (2) Builder access to be enabled for contributor-level users, and (3) "Code Execution" to be enabled for administrator-level users within the theme's settings.
Severity
7.1 (High)
CWE
- CWE-269 - Improper Privilege Management
Assigner
References
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Bricks Builder | Bricks |
Affected:
0 , ≤ 1.9.6.1
(semver)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-2297",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-27T18:41:06.434361Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-27T18:41:18.031Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Bricks",
"vendor": "Bricks Builder",
"versions": [
{
"lessThanOrEqual": "1.9.6.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Emil Tr\u00e4g\u00e5rdh"
}
],
"descriptions": [
{
"lang": "en",
"value": "The Bricks theme for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 1.9.6.1. This is due to insufficient validation checks placed on the create_autosave AJAX function. This makes it possible for authenticated attackers, with contributor-level access and above, to execute arbitrary PHP code with elevated (administrator-level) privileges. NOTE: Successful exploitation requires (1) the Bricks Builder to be enabled for posts (2) Builder access to be enabled for contributor-level users, and (3) \"Code Execution\" to be enabled for administrator-level users within the theme\u0027s settings."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-269",
"description": "CWE-269 Improper Privilege Management",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-08T17:23:24.076Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/cb075e85-75fc-4008-8270-4d1064ace29e?source=cve"
},
{
"url": "https://bricksbuilder.io/release/bricks-1-9-7/"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-02-26T00:00:00.000Z",
"value": "Disclosed"
}
],
"title": "Bricksbuilder \u003c= 1.9.6.1 - Authenticated (Contributor+) Privilege Escalation via create_autosave"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2024-2297",
"datePublished": "2025-02-27T05:23:05.572Z",
"dateReserved": "2024-03-07T18:05:08.201Z",
"dateUpdated": "2026-04-08T17:23:24.076Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-23457 (GCVE-0-2024-23457)
Vulnerability from cvelistv5 – Published: 2024-05-01 16:26 – Updated: 2024-08-01 23:06
VLAI
Title
Anti-tampering can be disabled with uninstall password enforced
Summary
The anti-tampering functionality of the Zscaler Client Connector can be disabled under certain conditions when an uninstall password is enforced. This affects Zscaler Client Connector on Windows prior to 4.2.0.209
Severity
7.8 (High)
CWE
- CWE-269 - Improper Privilege Management
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Zscaler | Client Connector |
Affected:
0 , < 4.2.0.209
(custom)
|
Credits
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:zscaler:client_connector:-:*:*:*:*:windows:*:*"
],
"defaultStatus": "unknown",
"product": "client_connector",
"vendor": "zscaler",
"versions": [
{
"lessThan": "4.2.0.209",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-23457",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-14T18:58:10.245315Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-14T18:59:34.369Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T23:06:24.279Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://help.zscaler.com/client-connector/client-connector-app-release-summary-2023"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Windows"
],
"product": "Client Connector",
"vendor": "Zscaler",
"versions": [
{
"lessThan": "4.2.0.209",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Westpac Red Team"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The anti-tampering functionality of the Zscaler Client Connector can be disabled under certain conditions when an uninstall password is enforced. This affects Zscaler Client Connector on Windows prior to 4.2.0.209\u003cbr\u003e\u003cbr\u003e"
}
],
"value": "The anti-tampering functionality of the Zscaler Client Connector can be disabled under certain conditions when an uninstall password is enforced. This affects Zscaler Client Connector on Windows prior to 4.2.0.209\n\n"
}
],
"impacts": [
{
"capecId": "CAPEC-554",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-554 Functionality Bypass"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-269",
"description": "CWE-269 Improper Privilege Management",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-01T16:26:11.546Z",
"orgId": "73c6f63b-efac-410d-a0a9-569700f85a04",
"shortName": "Zscaler"
},
"references": [
{
"url": "https://help.zscaler.com/client-connector/client-connector-app-release-summary-2023"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Anti-tampering can be disabled with uninstall password enforced",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "73c6f63b-efac-410d-a0a9-569700f85a04",
"assignerShortName": "Zscaler",
"cveId": "CVE-2024-23457",
"datePublished": "2024-05-01T16:26:11.546Z",
"dateReserved": "2024-01-17T15:15:47.221Z",
"dateUpdated": "2024-08-01T23:06:24.279Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-23537 (GCVE-0-2024-23537)
Vulnerability from cvelistv5 – Published: 2024-03-29 14:38 – Updated: 2025-02-13 17:39
VLAI
Title
Apache Fineract: Under certain circumstances, this vulnerability allowed users, without specific permissions, to escalate their privileges to any role.
Summary
Improper Privilege Management vulnerability in Apache Fineract.This issue affects Apache Fineract: <1.8.5.
Users are recommended to upgrade to version 1.9.0, which fixes the issue.
Severity
8.4 (High)
CWE
- CWE-269 - Improper Privilege Management
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://cwiki.apache.org/confluence/display/FINER… | vendor-advisory |
| https://lists.apache.org/thread/fq1ns4nprw2vqpkww… | vendor-advisory |
| http://www.openwall.com/lists/oss-security/2024/03/29/1 |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Apache Software Foundation | Apache Fineract |
Affected:
0 , < 1.9.0
(semver)
|
Credits
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:apache:fineract:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "fineract",
"vendor": "apache",
"versions": [
{
"lessThan": "1.9.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-23537",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-08T18:09:05.990965Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-08T20:06:52.390Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T23:06:25.238Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://cwiki.apache.org/confluence/display/FINERACT/Apache+Fineract+Security+Report"
},
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.apache.org/thread/fq1ns4nprw2vqpkwwj9sw45jkwxmt9f1"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2024/03/29/1"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Apache Fineract",
"vendor": "Apache Software Foundation",
"versions": [
{
"lessThan": "1.9.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "Yash Sancheti"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Improper Privilege Management vulnerability in Apache Fineract.\u003cp\u003eThis issue affects Apache Fineract: \u0026lt;1.8.5.\u003c/p\u003e\u003cp\u003eUsers are recommended to upgrade to version 1.9.0, which fixes the issue.\u003c/p\u003e"
}
],
"value": "Improper Privilege Management vulnerability in Apache Fineract.This issue affects Apache Fineract: \u003c1.8.5.\n\nUsers are recommended to upgrade to version 1.9.0, which fixes the issue."
}
],
"metrics": [
{
"other": {
"content": {
"text": "important"
},
"type": "Textual description of severity"
}
},
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 8.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-269",
"description": "CWE-269 Improper Privilege Management",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-01T18:06:44.197Z",
"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"shortName": "apache"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://cwiki.apache.org/confluence/display/FINERACT/Apache+Fineract+Security+Report"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://lists.apache.org/thread/fq1ns4nprw2vqpkwwj9sw45jkwxmt9f1"
},
{
"url": "http://www.openwall.com/lists/oss-security/2024/03/29/1"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Apache Fineract: Under certain circumstances, this vulnerability allowed users, without specific permissions, to escalate their privileges to any role.",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"assignerShortName": "apache",
"cveId": "CVE-2024-23537",
"datePublished": "2024-03-29T14:38:05.738Z",
"dateReserved": "2024-01-18T04:59:16.245Z",
"dateUpdated": "2025-02-13T17:39:45.238Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-23620 (GCVE-0-2024-23620)
Vulnerability from cvelistv5 – Published: 2024-01-25 23:35 – Updated: 2024-11-13 15:04
VLAI
Title
IBM Merge Healthcare eFilm Workstation SYSTEM Privilege Escalation
Summary
An improper privilege management vulnerability exists in IBM Merge Healthcare eFilm Workstation. A local, authenticated attacker can exploit this vulnerability to escalate privileges to SYSTEM.
Severity
8.8 (High)
CWE
- CWE-269 - Improper Privilege Management
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://blog.exodusintel.com/2024/01/25/ibm-merge… | third-party-advisory |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| IBM Merge Healthcare | eFilm Workstation |
Affected:
4.1 , ≤ 4.2
(semver)
|
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T23:06:25.292Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"third-party-advisory",
"x_transferred"
],
"url": "https://blog.exodusintel.com/2024/01/25/ibm-merge-healthcare-efilm-workstation-system-privilege-escalation/"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-23620",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-01-30T20:24:21.753346Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-13T15:04:16.032Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": " eFilm Workstation",
"vendor": "IBM Merge Healthcare",
"versions": [
{
"lessThanOrEqual": "4.2",
"status": "affected",
"version": "4.1",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Exodus Intelligence"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An improper privilege management vulnerability exists in IBM Merge Healthcare eFilm Workstation. A local, authenticated attacker can exploit this vulnerability to escalate privileges to SYSTEM.\u003cbr\u003e"
}
],
"value": "An improper privilege management vulnerability exists in IBM Merge Healthcare eFilm Workstation. A local, authenticated attacker can exploit this vulnerability to escalate privileges to SYSTEM.\n"
}
],
"impacts": [
{
"capecId": "CAPEC-233",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-233 Privilege Escalation"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV2_0": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.8,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-269",
"description": "CWE-269 Improper Privilege Management",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-01-25T23:35:58.433Z",
"orgId": "902ff664-2e36-43e3-a1aa-3210c82d1b67",
"shortName": "XI"
},
"references": [
{
"tags": [
"third-party-advisory"
],
"url": "https://blog.exodusintel.com/2024/01/25/ibm-merge-healthcare-efilm-workstation-system-privilege-escalation/"
}
],
"source": {
"discovery": "INTERNAL"
},
"title": "IBM Merge Healthcare eFilm Workstation SYSTEM Privilege Escalation",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "902ff664-2e36-43e3-a1aa-3210c82d1b67",
"assignerShortName": "XI",
"cveId": "CVE-2024-23620",
"datePublished": "2024-01-25T23:35:58.433Z",
"dateReserved": "2024-01-18T21:37:15.393Z",
"dateUpdated": "2024-11-13T15:04:16.032Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-2390 (GCVE-0-2024-2390)
Vulnerability from cvelistv5 – Published: 2024-03-18 15:37 – Updated: 2024-08-21 14:42
VLAI
Title
Local Privilege Escalation
Summary
As a part of Tenable’s vulnerability disclosure program, a vulnerability in a Nessus plugin was identified and reported. This vulnerability could allow a malicious actor with sufficient permissions on a scan target to place a binary in a specific filesystem location, and abuse the impacted plugin in order to escalate privileges.
Severity
7.8 (High)
CWE
- CWE-269 - Improper Privilege Management
Assigner
References
1 reference
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Tenable | Nessus Agent |
Affected:
0 , < #202403142053
(custom)
|
|
| Tenable | Nessus |
Affected:
0 , < #202403142053
(custom)
|
Date Public
2024-03-15 19:00
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T19:11:53.526Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.tenable.com/security/tns-2024-05"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:a:tenable:nessus_agent:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "nessus_agent",
"vendor": "tenable",
"versions": [
{
"lessThan": "#202403142053",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:tenable:nessus:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "nessus",
"vendor": "tenable",
"versions": [
{
"lessThan": "#202403142053",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-2390",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-21T14:01:06.803959Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-21T14:42:09.885Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"modules": [
"Nessus Feed"
],
"product": "Nessus Agent",
"vendor": "Tenable",
"versions": [
{
"lessThan": "#202403142053",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "affected",
"modules": [
"Nessus Feed"
],
"product": "Nessus",
"vendor": "Tenable",
"versions": [
{
"lessThan": "#202403142053",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Rich Sprigg (RythmStick)"
}
],
"datePublic": "2024-03-15T19:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\nAs a part of Tenable\u2019s vulnerability disclosure program, a vulnerability in a Nessus plugin was identified and reported. This vulnerability could allow a malicious actor with sufficient permissions on a scan target to place a binary in a specific filesystem location, and abuse the impacted plugin in order to escalate privileges.\n\n\u003cp\u003e\u003c/p\u003e"
}
],
"value": "\nAs a part of Tenable\u2019s vulnerability disclosure program, a vulnerability in a Nessus plugin was identified and reported. This vulnerability could allow a malicious actor with sufficient permissions on a scan target to place a binary in a specific filesystem location, and abuse the impacted plugin in order to escalate privileges.\n\n"
}
],
"impacts": [
{
"capecId": "CAPEC-233",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-233 Privilege Escalation"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-269",
"description": "CWE-269 Improper Privilege Management",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-03-18T15:37:44.698Z",
"orgId": "5ac1ecc2-367a-4d16-a0b2-35d495ddd0be",
"shortName": "tenable"
},
"references": [
{
"url": "https://www.tenable.com/security/tns-2024-05"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\nTenable has released updates to plugins to resolve the issue. The updates have been distributed via the Tenable plugin feed in feed serial numbers equal to or greater than #202403142053.\n\n\u003cbr\u003e"
}
],
"value": "\nTenable has released updates to plugins to resolve the issue. The updates have been distributed via the Tenable plugin feed in feed serial numbers equal to or greater than #202403142053.\n\n"
}
],
"source": {
"advisory": "TNS-2024-05",
"discovery": "EXTERNAL"
},
"title": "Local Privilege Escalation ",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "5ac1ecc2-367a-4d16-a0b2-35d495ddd0be",
"assignerShortName": "tenable",
"cveId": "CVE-2024-2390",
"datePublished": "2024-03-18T15:37:44.698Z",
"dateReserved": "2024-03-11T22:31:40.629Z",
"dateUpdated": "2024-08-21T14:42:09.885Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-2431 (GCVE-0-2024-2431)
Vulnerability from cvelistv5 – Published: 2024-03-13 17:51 – Updated: 2024-08-05 13:31
VLAI
Title
GlobalProtect App: Local User Can Disable GlobalProtect
Summary
An issue in the Palo Alto Networks GlobalProtect app enables a non-privileged user to disable the GlobalProtect app in configurations that allow a user to disable GlobalProtect with a passcode.
Severity
5.5 (Medium)
CWE
- CWE-269 - Improper Privilege Management
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Palo Alto Networks | GlobalProtect App |
Affected:
6.0 , < 6.0.4
(custom)
Affected: 5.1 , < 5.1.12 (custom) Affected: 5.2 , < 5.2.13 (custom) Affected: 6.1 , < 6.1.1 (custom) Unaffected: 6.2 |
Date Public
2024-03-13 16:00
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T19:11:53.593Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://security.paloaltonetworks.com/CVE-2024-2431"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:a:paloaltonetworks:globalprotect:5.1:*:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:globalprotect:5.2:*:*:*:*:universal_windows_platform:*:*",
"cpe:2.3:a:paloaltonetworks:globalprotect:6.0.0:*:*:*:*:universal_windows_platform:*:*",
"cpe:2.3:a:paloaltonetworks:globalprotect:6.1.0:*:*:*:*:universal_windows_platform:*:*",
"cpe:2.3:a:paloaltonetworks:globalprotect:6.2.0:*:*:*:*:windows:*:*"
],
"defaultStatus": "unknown",
"product": "globalprotect",
"vendor": "paloaltonetworks",
"versions": [
{
"lessThan": "5.1.12",
"status": "affected",
"version": "5.1",
"versionType": "custom"
},
{
"lessThan": "5.2.13",
"status": "affected",
"version": "5.2",
"versionType": "custom"
},
{
"lessThan": "6.0.4",
"status": "affected",
"version": "6.0.0",
"versionType": "custom"
},
{
"lessThan": "6.1.1",
"status": "affected",
"version": "6.1.0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "6.2.0"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-2431",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-03-15T15:20:30.083812Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-05T13:31:26.517Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "GlobalProtect App",
"vendor": "Palo Alto Networks",
"versions": [
{
"changes": [
{
"at": "6.0.4",
"status": "unaffected"
}
],
"lessThan": "6.0.4",
"status": "affected",
"version": "6.0",
"versionType": "custom"
},
{
"changes": [
{
"at": "5.1.12",
"status": "unaffected"
}
],
"lessThan": "5.1.12",
"status": "affected",
"version": "5.1",
"versionType": "custom"
},
{
"changes": [
{
"at": "5.2.13",
"status": "unaffected"
}
],
"lessThan": "5.2.13",
"status": "affected",
"version": "5.2",
"versionType": "custom"
},
{
"changes": [
{
"at": "6.1.1",
"status": "unaffected"
}
],
"lessThan": "6.1.1",
"status": "affected",
"version": "6.1",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "6.2"
}
]
}
],
"configurations": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "This is an issue only if \"Allow User to Disable GlobalProtect App\" is set to \"Allow with Passcode\". You should check this setting in your firewall web interface (Network \u003e GlobalProtect \u003e Portals \u003e (portal-config) \u003e Agent \u003e (agent-config) \u003e App) and take the appropriate actions as needed."
}
],
"value": "This is an issue only if \"Allow User to Disable GlobalProtect App\" is set to \"Allow with Passcode\". You should check this setting in your firewall web interface (Network \u003e GlobalProtect \u003e Portals \u003e (portal-config) \u003e Agent \u003e (agent-config) \u003e App) and take the appropriate actions as needed."
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Palo Alto Networks thanks AIG Red Team and Stephen Collyer for discovering and reporting this issue."
}
],
"datePublic": "2024-03-13T16:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An issue in the Palo Alto Networks GlobalProtect app enables a non-privileged user to disable the GlobalProtect app in configurations that allow a user to disable GlobalProtect with a passcode."
}
],
"value": "An issue in the Palo Alto Networks GlobalProtect app enables a non-privileged user to disable the GlobalProtect app in configurations that allow a user to disable GlobalProtect with a passcode."
}
],
"exploits": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Palo Alto Networks is not aware of any malicious exploitation of this issue.\u003cbr\u003e"
}
],
"value": "Palo Alto Networks is not aware of any malicious exploitation of this issue.\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-269",
"description": "CWE-269 Improper Privilege Management",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-03-13T17:51:17.735Z",
"orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"shortName": "palo_alto"
},
"references": [
{
"url": "https://security.paloaltonetworks.com/CVE-2024-2431"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "This issue is fixed in GlobalProtect app 5.1.12, GlobalProtect app 5.2.13, GlobalProtect app 6.0.4, GlobalProtect app 6.1.1, and all later GlobalProtect app versions.\u003cbr\u003e"
}
],
"value": "This issue is fixed in GlobalProtect app 5.1.12, GlobalProtect app 5.2.13, GlobalProtect app 6.0.4, GlobalProtect app 6.1.1, and all later GlobalProtect app versions.\n"
}
],
"source": {
"defect": [
"GPC-15349"
],
"discovery": "EXTERNAL"
},
"timeline": [
{
"lang": "en",
"time": "2024-03-13T16:00:00.000Z",
"value": "Initial publication"
}
],
"title": "GlobalProtect App: Local User Can Disable GlobalProtect",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "You can mitigate this issue by setting \"Allow User to Disable GlobalProtect App\" to \"Disallow\" or \"Allow with Ticket.\"\u003cbr\u003e"
}
],
"value": "You can mitigate this issue by setting \"Allow User to Disable GlobalProtect App\" to \"Disallow\" or \"Allow with Ticket.\"\n"
}
],
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"assignerShortName": "palo_alto",
"cveId": "CVE-2024-2431",
"datePublished": "2024-03-13T17:51:17.735Z",
"dateReserved": "2024-03-13T16:19:25.624Z",
"dateUpdated": "2024-08-05T13:31:26.517Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Mitigation ID: MIT-1
Phases: Architecture and Design, Operation
Description:
- Very carefully manage the setting, management, and handling of privileges. Explicitly manage trust zones in the software.
Mitigation ID: MIT-48
Phase: Architecture and Design
Strategy: Separation of Privilege
Description:
- Follow the principle of least privilege when assigning access rights to entities in a software system.
Mitigation ID: MIT-49
Phase: Architecture and Design
Strategy: Separation of Privilege
Description:
- Consider following the principle of separation of privilege. Require multiple conditions to be met before permitting access to a system resource.
CAPEC-122: Privilege Abuse
An adversary is able to exploit features of the target that should be reserved for privileged users or administrators but are exposed to use by lower or non-privileged accounts. Access to sensitive information and functionality must be controlled to ensure that only authorized users are able to access these resources.
CAPEC-233: Privilege Escalation
An adversary exploits a weakness enabling them to elevate their privilege and perform an action that they are not supposed to be authorized to perform.
CAPEC-58: Restful Privilege Elevation
An adversary identifies a Rest HTTP (Get, Put, Delete) style permission method allowing them to perform various malicious actions upon server data due to lack of access control mechanisms implemented within the application service accepting HTTP messages.