admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-29 01:31:20 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2024/CVE-2024-237xx/CVE-2024-23772.json
cad-safe-bot 30c55ddc5c Auto-Update: 2024-08-09T22:00:17.170310+00:00
2024-08-09 22:03:13 +00:00

64 lines
2.1 KiB
JSON
Raw Blame History

{
"id": "CVE-2024-23772",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-04-30T14:15:14.977",
"lastModified": "2024-08-09T21:35:02.383",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in Quest KACE Agent for Windows 12.0.38 and 13.1.23.0. An Arbitrary file create vulnerability exists in the KSchedulerSvc.exe, KUserAlert.exe, and Runkbot.exe components. This allows local attackers to create any file of their choice with NT Authority\\SYSTEM privileges."
},
{
"lang": "es",
"value": "Se descubri\u00f3 un problema en Quest KACE Agent para Windows 12.0.38 y 13.1.23.0. Existe una vulnerabilidad de creaci\u00f3n de archivos arbitrarios en los componentes KSchedulerSvc.exe, KUserAlert.exe y Runkbot.exe. Esto permite a los atacantes locales crear cualquier archivo de su elecci\u00f3n con privilegios NT Authority\\SYSTEM."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.6,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 4.7
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
}
],
"references": [
{
"url": "https://support.quest.com/kb/4375402/quest-response-to-kace-sma-agent-vulnerabilities-cve-2024-23772-cve-2024-23773-cve-2024-23774",
"source": "cve@mitre.org"
},
{
"url": "https://www.quest.com/kace/",
"source": "cve@mitre.org"
}
]
}
Reference in New Issue View Git Blame Copy Permalink