CVE-2024-23764

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2024-23764
Certain WithSecure products allow Local Privilege Escalation. This affects WithSecure Client Security 15 and later, WithSecure Server Security 15 and later, WithSecure Email and Server Security 15 and later, and WithSecure Elements Endpoint Protection 17 and later.

6.7 /10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 0.8 / Impact : 5.9

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required HIGH

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References
Link Resource
https://www.withsecure.com/en/support/security-advisories Product
https://www.withsecure.com/en/support/security-advisories/cve-2024-23764 Vendor Advisory
https://www.withsecure.com/en/support/security-advisories Product
https://www.withsecure.com/en/support/security-advisories/cve-2024-23764 Vendor Advisory
Configurations

Configuration 1 (hide)

cpe:2.3:a:withsecure:client_security:15:*:*:*:*:*:*:*

Configuration 2 (hide)

cpe:2.3:a:withsecure:server_security:15:*:*:*:*:*:*:*

Configuration 3 (hide)

cpe:2.3:a:withsecure:email_and_server_security:15:*:*:*:*:*:*:*

Configuration 4 (hide)

cpe:2.3:a:withsecure:elements_endpoint_protection:17:*:*:*:*:*:*:*
History

21 Nov 2024, 08:58

Type Values Removed Values Added
References () https://www.withsecure.com/en/support/security-advisories - Product () https://www.withsecure.com/en/support/security-advisories - Product
References () https://www.withsecure.com/en/support/security-advisories/cve-2024-23764 - Vendor Advisory () https://www.withsecure.com/en/support/security-advisories/cve-2024-23764 - Vendor Advisory

15 Feb 2024, 17:57

Type Values Removed Values Added
CPE cpe:2.3:a:withsecure:server_security:15:*:*:*:*:*:*:*
cpe:2.3:a:withsecure:client_security:15:*:*:*:*:*:*:*
cpe:2.3:a:withsecure:email_and_server_security:15:*:*:*:*:*:*:*
cpe:2.3:a:withsecure:elements_endpoint_protection:17:*:*:*:*:*:*:*
CVSS v2 : unknown
v3 : unknown 		v2 : unknown
v3 : 6.7
References () https://www.withsecure.com/en/support/security-advisories - () https://www.withsecure.com/en/support/security-advisories - Product
References () https://www.withsecure.com/en/support/security-advisories/cve-2024-23764 - () https://www.withsecure.com/en/support/security-advisories/cve-2024-23764 - Vendor Advisory
First Time Withsecure
Withsecure client Security
Withsecure server Security
Withsecure elements Endpoint Protection
Withsecure email And Server Security
CWE CWE-269

08 Feb 2024, 19:15

Type Values Removed Values Added
New CVE
Information

Published : 2024-02-08 19:15

Updated : 2024-11-21 08:58

NVD link : CVE-2024-23764

Mitre link : CVE-2024-23764

CVE.ORG link : CVE-2024-23764

JSON object : View

Products Affected

withsecure

  • server_security
  • client_security
  • elements_endpoint_protection
  • email_and_server_security
CWE
CWE-269

Improper Privilege Management