Описание
An issue was discovered in BeyondTrust Privilege Management for Windows before 24.1. When an low-privileged user initiates a repair, there is an attack vector through which the user is able to execute any program with elevated privileges.
Ссылки
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 24.1 (исключая)
cpe:2.3:a:beyondtrust:privilege_management_for_windows:*:*:*:*:*:*:*:*
EPSS
Процентиль: 16%
0.00051
Низкий
6.3 Medium
CVSS3
7.8 High
CVSS3
Дефекты
CWE-266
Связанные уязвимости
CVSS3: 6.3
github
почти 2 года назад
An issue was discovered in BeyondTrust Privilege Management for Windows before 24.1. When an low-privileged user initiates a repair, there is an attack vector through which the user is able to execute any program with elevated privileges.
EPSS
Процентиль: 16%
0.00051
Низкий
6.3 Medium
CVSS3
7.8 High
CVSS3
Дефекты
CWE-266