CVE-2024-51722 – Vulnerabilities in SecuSUITE Server Components Impact SecuSUITE
https://notcve.org/view.php?id=CVE-2024-51722
A local privilege escalation vulnerability in the SecuSUITE Server (System Configuration) of SecuSUITE versions 5.0.420 and earlier could allow a successful attacker that had gained control of code running under one of the system accounts listed in the configuration file to potentially issue privileged script commands. • https://support.blackberry.com/pkb/s/article/140220 • CWE-250: Execution with Unnecessary Privileges •
CVE-2024-51721 – Vulnerabilities in SecuSUITE Server Components Impact SecuSUITE
https://notcve.org/view.php?id=CVE-2024-51721
A code injection vulnerability in the SecuSUITE Server Web Administration Portal of SecuSUITE versions 5.0.420 and earlier could allow an attacker to potentially inject script commands or other executable content into the server that would run with root privilege. • https://support.blackberry.com/pkb/s/article/140220 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVE-2024-51720 – Vulnerabilities in SecuSUITE Server Components Impact SecuSUITE
https://notcve.org/view.php?id=CVE-2024-51720
An insufficient entropy vulnerability in the SecuSUITE Secure Client Authentication (SCA) Server of SecuSUITE versions 5.0.420 and earlier could allow an attacker to potentially enroll an attacker-controlled device to the victim’s account and telephone number. • https://support.blackberry.com/pkb/s/article/140220 • CWE-307: Improper Restriction of Excessive Authentication Attempts •