CVE-2024-51721

{"id": "CVE-2024-51721", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "secure@blackberry.com", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 7.3, "attackVector": "ADJACENT_NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}, "impactScore": 6.0, "exploitabilityScore": 0.7}]}, "published": "2024-11-12T19:15:18.220", "references": [{"url": "https://support.blackberry.com/pkb/s/article/140220", "source": "secure@blackberry.com"}], "vulnStatus": "Awaiting Analysis", "weaknesses": [{"type": "Secondary", "source": "secure@blackberry.com", "description": [{"lang": "en", "value": "CWE-59"}]}], "descriptions": [{"lang": "en", "value": "A code injection vulnerability in the SecuSUITE Server Web Administration Portal of SecuSUITE versions 5.0.420 and earlier could allow an attacker to potentially inject script commands or other executable content into the server that would run with root privilege."}, {"lang": "es", "value": "Una vulnerabilidad de inyecci\u00f3n de c\u00f3digo en SecuSUITE Server Web Administration Portal of SecuSUITE versiones 5.0.420 y anteriores, podr\u00eda permitir a un atacante inyectar potencialmente comandos de script u otro contenido ejecutable en el servidor que se ejecutar\u00eda con privilegios de superusuario."}], "lastModified": "2024-11-13T17:01:16.850", "sourceIdentifier": "secure@blackberry.com"}