← Volver a CVEs
CVE-2024-43690
HIGH8.0
Descripcion
Inclusion of Functionality from Untrusted Control Sphere(CWE-829) in the Command Centre Server and Workstations may allow an attacker to perform Remote Code Execution (RCE). This issue affects: Command Centre Server and Command Centre Workstations 9.10 prior to vEL9.10.1530 (MR2), 9.00 prior to vEL9.00.2168 (MR4), 8.90 prior to vEL8.90.2155 (MR5), 8.80 prior to vEL8.80.1938 (MR6), all versions of 8.70 and prior.
Detalles CVE
Puntuacion CVSS v3.18.0
SeveridadHIGH
Vector CVSSCVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
Vector de ataqueNETWORK
ComplejidadHIGH
Privilegios requeridosHIGH
Interaccion usuarioNONE
Publicado9/11/2024
Ultima modificacion9/11/2024
Fuentenvd
Avistamientos honeypot0
Debilidades (CWE)
CWE-829
Referencias
https://security.gallagher.com/en-NZ/Security-Advisories/CVE-2024-43690(disclosures@gallagher.com)
Correlaciones IOC
Sin correlaciones registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.