mirror of
https://github.com/fkie-cad/nvd-json-data-feeds.git
synced 2025-06-01 11:11:27 +00:00
25 lines
1.1 KiB
JSON
25 lines
1.1 KiB
JSON
|
{
|
||
|
|
"id": "CVE-2024-52869",
|
||
|
|
"sourceIdentifier": "cve@mitre.org",
|
||
|
|
"published": "2025-01-08T21:15:12.523",
|
||
|
|
"lastModified": "2025-01-08T21:15:12.523",
|
||
|
|
"vulnStatus": "Received",
|
||
|
|
"cveTags": [],
|
||
|
|
"descriptions": [
|
||
|
|
{
|
||
|
|
"lang": "en",
|
||
|
|
"value": "Certain Teradata account-handling code through 2024-11-04, used with SUSE Enterprise Linux Server, mismanages groups. Specifically, when there is an operating system move from SUSE Enterprise Linux Server (SLES) 12 Service Pack (SP) 2 or 3 to SLES 15 SP2 on Teradata Database systems, some service/system user accounts, and possibly systems administrator created user accounts, are incorrectly assigned to groups that allow higher system-level privileges than intended for those user accounts. Depending on the usage of these accounts, this may lead to full system compromise."
|
||
|
|
}
|
||
|
|
],
|
||
|
|
"metrics": {},
|
||
|
|
"references": [
|
||
|
|
{
|
||
|
|
"url": "https://chrismanson.com/CVE/cve-2024-52869.html",
|
||
|
|
"source": "cve@mitre.org"
|
||
|
|
},
|
||
|
|
{
|
||
|
|
"url": "https://www.teradata.com/trust-security-center/data-security",
|
||
|
|
"source": "cve@mitre.org"
|
||
|
|
}
|
||
|
|
]
|
||
|
|
}
|