admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-29 01:31:20 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2024/CVE-2024-514xx/CVE-2024-51448.json
cad-safe-bot 0c245865ae Auto-Update: 2025-01-26T03:00:19.791548+00:00
2025-01-26 03:03:52 +00:00

60 lines
2.2 KiB
JSON
Raw Blame History

{
"id": "CVE-2024-51448",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2025-01-18T15:15:08.183",
"lastModified": "2025-01-18T15:15:08.183",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "IBM Robotic Process Automation 21.0.0 through 21.0.7.17 and 23.0.0 through 23.0.18 could allow a local user to escalate their privileges. All files in the install inherit the file permissions of the parent directory and therefore a non-privileged user can substitute any executable for the nssm.exe service. A subsequent service or server restart will then run that binary with administrator privilege."
},
{
"lang": "es",
"value": "IBM Robotic Process Automation 21.0.0 a 21.0.7.17 y 23.0.0 a 23.0.18 podr\u00edan permitir que un usuario local aumente sus privilegios. Todos los archivos de la instalaci\u00f3n heredan los permisos de archivo del directorio principal y, por lo tanto, un usuario sin privilegios puede sustituir cualquier ejecutable por el servicio nssm.exe. Un reinicio posterior del servicio o del servidor ejecutar\u00e1 ese binario con privilegios de administrador."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@us.ibm.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "psirt@us.ibm.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-277"
}
]
}
],
"references": [
{
"url": "https://www.ibm.com/support/pages/node/7177586",
"source": "psirt@us.ibm.com"
}
]
}
Reference in New Issue View Git Blame Copy Permalink