CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2022-38777
https://notcve.org/view.php?id=CVE-2022-38777
An issue was discovered in the rollback feature of Elastic Endpoint Security for Windows, which could allow unprivileged users to elevate their privileges to those of the LocalSystem account. • https://discuss.elastic.co/t/elastic-7-17-9-8-5-0-and-8-6-1-security-update/324661 https://www.elastic.co/community/security • CWE-269: Improper Privilege Management •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2022-38774
https://notcve.org/view.php?id=CVE-2022-38774
An issue was discovered in the quarantine feature of Elastic Endpoint Security and Elastic Endgame for Windows, which could allow unprivileged users to elevate their privileges to those of the LocalSystem account. Se descubrió un problema en la función de cuarentena de Elastic Endpoint Security y Elastic Endgame para Windows, que podría permitir a los usuarios sin privilegios elevar sus permisos a los de la cuenta LocalSystem. • https://discuss.elastic.co/t/endpoint-security-8-4-0-7-17-7-and-endgame-3-62-3-security-statement/323754 https://www.elastic.co/community/security • CWE-269: Improper Privilege Management •