1 results (0.005 seconds)
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-0394 – Rapid7 Minerva Armor Privilege Escalation
https://notcve.org/view.php?id=CVE-2024-0394
03 Apr 2024 — Rapid7 Minerva Armor versions below 4.5.5 suffer from a privilege escalation vulnerability whereby an authenticated attacker can elevate privileges and execute arbitrary code with SYSTEM privilege. The vulnerability is caused by the product's implementation of OpenSSL's`OPENSSLDIR` parameter where it is set to a path accessible to low-privileged users. The vulnerability has been remediated and fixed in version 4.5.5. Las versiones de Rapid7 Minerva Armor inferiores a 4.5.5 sufren de una vulnerabilidad de es... • https://www.rapid7.com/blog/post/2024/04/03/cve-2024-0394-rapid7-minerva-armor-privilege-escalation-fixed • CWE-862: Missing Authorization •