CVE-2024-0394 in Minerva Armor정보

요약

\~에 의해 MITRE • 2024. 04. 03.

Rapid7 Minerva Armor versions below 4.5.5 suffer from a privilege escalation vulnerability whereby an authenticated attacker can elevate privileges and execute arbitrary code with SYSTEM privilege. The vulnerability is caused by the product's implementation of OpenSSL's`OPENSSLDIR` parameter where it is set to a path accessible to low-privileged users. The vulnerability has been remediated and fixed in version 4.5.5.

If you want to get best quality of vulnerability data, you may have to visit VulDB.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

책임이 있는

Rapid7, Inc.

예약하다

2024. 01. 10.

공개

2024. 04. 03.

모더레이션

수락

항목

VDB-259131

CPE

준비됨

CWE

CWE-862 (확인됨)

CVSS

7.8 (CNA)

EPSS

0.00028

KEV

아니요

활동

매우 낮음

출처

MITRE	https://www.cve.org/CVERecord?id=CVE-2024-0394
NVD	https://nvd.nist.gov/vuln/detail/CVE-2024-0394
CVE Details	https://www.cvedetails.com/cve/CVE-2024-0394/

◂ 이전 개요 다음 ▸

Want to stay up to date on a daily basis?

Enable the mail alert feature now!