Описание
Prior to version 24.1, a local authenticated attacker can view Sysvol when Privilege Management for Windows is configured to use a GPO policy. This allows them to view the policy and potentially find configuration issues.
Ссылки
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 24.1 (исключая)
cpe:2.3:a:beyondtrust:privilege_management_for_windows:*:*:*:*:*:*:*:*
EPSS
Процентиль: 19%
0.00061
Низкий
3.3 Low
CVSS3
Дефекты
CWE-200
NVD-CWE-noinfo
Связанные уязвимости
CVSS3: 3.3
github
почти 2 года назад
Prior to version 24.1, a local authenticated attacker can view Sysvol when Privilege Management for Windows is configured to use a GPO policy. This allows them to view the policy and potentially find configuration issues.
EPSS
Процентиль: 19%
0.00061
Низкий
3.3 Low
CVSS3
Дефекты
CWE-200
NVD-CWE-noinfo