CVE-2024-29417

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2024-29417
Insecure Permissions vulnerability in e-trust Horacius 1.0, 1.1, and 1.2 allows a local attacker to escalate privileges via the password reset function.

8.4 /10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 2.5 / Impact : 5.9

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References
Link Resource
https://blog.pridesec.com.br/en/horacius-unauthenticated-privilege-escalation/
Configurations

No configuration.

History

03 Jul 2024, 01:52

Type Values Removed Values Added
Summary
  • (es) La vulnerabilidad de permisos inseguros en e-trust Horacius 1.0, 1.1 y 1.2 permite a un atacante local escalar privilegios a través de la función de restablecimiento de contraseña.
CWE CWE-277
CVSS v2 : unknown
v3 : unknown 		v2 : unknown
v3 : 8.4

03 May 2024, 15:15

Type Values Removed Values Added
New CVE
Information

Published : 2024-05-03 15:15

Updated : 2024-07-03 01:52

NVD link : CVE-2024-29417

Mitre link : CVE-2024-29417

CVE.ORG link : CVE-2024-29417

JSON object : View

Products Affected

No product.

CWE
CWE-277

Insecure Inherited Permissions


NetmanageIT Website NetmanageIT OSINT Web NetmanageIT OpenCTI NetmanageIT PDF Tools NetmanageIT CTO Corner Blog NetmanageIT Email Header Analyzer NetmanageIT Password Pusher NetmanageIT Internet Health and Latency Dashboard NetmanageIT Dedicated Speed Test Site NetmanageIT Ubuntu Mirror 10Gbps Copyright OpenCVE 2024