2024-07-14 02:06:08 +00:00

64 lines
2.4 KiB
JSON

{
"id": "CVE-2024-25029",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2024-04-06T12:15:08.400",
"lastModified": "2024-04-08T18:48:40.217",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "IBM Personal Communications 14.0.6 through 15.0.1 includes a Windows service that is vulnerable to remote code execution (RCE) and local privilege escalation (LPE). The vulnerability allows any unprivileged user with network access to a target computer to run commands with full privileges in the context of NT AUTHORITY\\SYSTEM. This allows for a low privileged attacker to move laterally to affected systems and to escalate their privileges. IBM X-Force ID: 281619."
},
{
"lang": "es",
"value": "IBM Personal Communications 14.0.6 a 15.0.1 incluye un servicio de Windows que es vulnerable a la ejecuci\u00f3n remota de c\u00f3digo (RCE) y a la escalada de privilegios local (LPE). La vulnerabilidad permite a cualquier usuario sin privilegios con acceso a la red de una computadora de destino ejecutar comandos con privilegios completos en el contexto de NT AUTHORITY\\SYSTEM. Esto permite que un atacante con pocos privilegios se mueva lateralmente a los sistemas afectados y aumente sus privilegios. ID de IBM X-Force: 281619."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@us.ibm.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.0,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 2.2,
"impactScore": 6.0
}
]
},
"weaknesses": [
{
"source": "psirt@us.ibm.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-119"
}
]
}
],
"references": [
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/281619",
"source": "psirt@us.ibm.com"
},
{
"url": "https://www.ibm.com/support/pages/node/7147672",
"source": "psirt@us.ibm.com"
}
]
}