CVE-2024-51722

{"id": "CVE-2024-51722", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "secure@blackberry.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.4, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 0.5}]}, "published": "2024-11-12T19:15:18.397", "references": [{"url": "https://support.blackberry.com/pkb/s/article/140220", "source": "secure@blackberry.com"}], "vulnStatus": "Awaiting Analysis", "weaknesses": [{"type": "Secondary", "source": "secure@blackberry.com", "description": [{"lang": "en", "value": "CWE-250"}]}], "descriptions": [{"lang": "en", "value": "A local privilege escalation vulnerability in the SecuSUITE Server (System Configuration) of SecuSUITE versions 5.0.420 and earlier could allow a successful attacker that had gained control of code running under one of the system accounts listed in the configuration file to potentially issue privileged script commands."}, {"lang": "es", "value": "Una vulnerabilidad de escalada de privilegios locales en el servidor SecuSUITE (configuraci\u00f3n del sistema) de las versiones 5.0.420 y anteriores de SecuSUITE podr\u00eda permitir que un atacante exitoso que haya obtenido el control del c\u00f3digo que se ejecuta bajo una de las cuentas del sistema enumeradas en el archivo de configuraci\u00f3n potencialmente emita comandos de script privilegiados."}], "lastModified": "2024-11-13T17:01:16.850", "sourceIdentifier": "secure@blackberry.com"}