admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-28 01:02:25 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2024/CVE-2024-237xx/CVE-2024-23774.json
cad-safe-bot 44c903429f Auto-Update: 2024-07-03T02:00:33.205262+00:00
2024-07-03 02:03:28 +00:00

64 lines
2.1 KiB
JSON
Raw Blame History

{
"id": "CVE-2024-23774",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-04-30T14:15:15.103",
"lastModified": "2024-07-03T01:48:07.913",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in Quest KACE Agent for Windows 12.0.38 and 13.1.23.0. An unquoted Windows search path vulnerability exists in the KSchedulerSvc.exe and AMPTools.exe components. This allows local attackers to execute code of their choice with NT Authority\\SYSTEM privileges."
},
{
"lang": "es",
"value": "Se descubri\u00f3 un problema en Quest KACE Agent para Windows 12.0.38 y 13.1.23.0. Existe una vulnerabilidad de ruta de b\u00fasqueda de Windows sin comillas en los componentes KSchedulerSvc.exe y AMPTools.exe. Esto permite a los atacantes locales ejecutar c\u00f3digo de su elecci\u00f3n con privilegios NT Authority\\SYSTEM."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
}
],
"references": [
{
"url": "https://support.quest.com/kb/4375402/quest-response-to-kace-sma-agent-vulnerabilities-cve-2024-23772-cve-2024-23773-cve-2024-23774",
"source": "cve@mitre.org"
},
{
"url": "https://www.quest.com/kace/",
"source": "cve@mitre.org"
}
]
}
Reference in New Issue View Git Blame Copy Permalink