nvd-json-data-feeds/CVE-2024/CVE-2024-397xx/CVE-2024-39755.json

{
  "id": "CVE-2024-39755",
  "sourceIdentifier": "talos-cna@cisco.com",
  "published": "2024-10-03T16:15:05.230",
  "lastModified": "2024-12-18T15:15:10.370",
  "vulnStatus": "Awaiting Analysis",
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A privilege escalation vulnerability exists in the node update functionality of Veertu Anka Build 1.42.0. A specially crafted PKG file can lead to execute priviledged operation. An attacker can make an unauthenticated HTTP request to trigger this vulnerability."
    },
    {
      "lang": "es",
      "value": "Existe una vulnerabilidad de escalada de privilegios en Veertu Anka Build 1.42.0. La vulnerabilidad ocurre durante la actualizaci\u00f3n del agente del nodo Anka. Un usuario con pocos privilegios puede activar la acci\u00f3n de actualizaci\u00f3n, lo que puede provocar una elevaci\u00f3n inesperada de privilegios."
    }
  ],
  "metrics": {
    "cvssMetricV31": [
      {
        "source": "talos-cna@cisco.com",
        "type": "Secondary",
        "cvssData": {
          "version": "3.1",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "baseScore": 7.8,
          "baseSeverity": "HIGH",
          "attackVector": "LOCAL",
          "attackComplexity": "LOW",
          "privilegesRequired": "LOW",
          "userInteraction": "NONE",
          "scope": "UNCHANGED",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "availabilityImpact": "HIGH"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 5.9
      }
    ]
  },
  "weaknesses": [
    {
      "source": "talos-cna@cisco.com",
      "type": "Secondary",
      "description": [
        {
          "lang": "en",
          "value": "CWE-282"
        }
      ]
    }
  ],
  "references": [
    {
      "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2024-2060",
      "source": "talos-cna@cisco.com"
    },
    {
      "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2024-2060",
      "source": "af854a3a-2127-422b-91ae-364da2661108"
    }
  ]
}