CVE-2024-7265

NVD Published Date: August 07, 2024 at 11:15 AM
NVD Last Modified: August 23, 2024 at 03:09 PM
Download Patch
Vulnerability ID
CVE-2024-7265
Severity
HIGH
Severity Score
8.8
Summary
Incorrect User Management vulnerability in Naukowa i Akademicka Sie? Komputerowa - Pa?stwowy Instytut Badawczy EZD RP allows logged-in user to change the password of any user, including root user, which could lead to privilege escalation. This issue affects EZD RP: from 15 before 15.84, from 16 before 16.15, from 17 before 17.2.
Mitigation and Patches
-
Exploits
-
Metasploit Payload
-
Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CWE ID
CWE-863

Recent Publish

CVE-2024-6522

CVE-2024-7266

CVE-2024-7267

CVE-2024-7353

CVE-2024-7355

CVE-2024-7578

See SecOps Solution
in action

Schedule Demo