Lucene search
TenableCVE-2024-1683HistoryFeb 23, 2024 - 1:15 a.m.
CVE-2024-1683
2024-02-2301:15:52
CWE-78
tenable
web.nvd.nist.gov
4
dll injection
vulnerability
tie secure relay
configuration override
service execution
CVSS3
7.3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:L
AI Score
7.1
Confidence
High
EPSS
0
Percentile
9.6%
A DLL injection vulnerability exists where an authenticated, low-privileged local attacker could modify application files on the TIE Secure Relay host, which could allow for overriding of the configuration and running of new Secure Relay services.
CNA Affected
[
{
"defaultStatus": "affected",
"platforms": [
"Windows"
],
"product": "Tenable Identity Exposure Secure Relay",
"vendor": "Tenable",
"versions": [
{
"lessThan": "3.59.4",
"status": "affected",
"version": "3.42.17",
"versionType": "3.59.4"
}
]
}
]References
Related
nvd
nvd
CVE-2024-1683
2024-02-23 01:15:52
cvelist
cvelist
CVE-2024-1683 DLL Injection in Tenable Identity Exposure Secure Relay
2024-02-23 00:02:52
prion
prion
Design/Logic Flaw
2024-02-23 01:15:00
vulnrichment
vulnrichment
CVE-2024-1683 DLL Injection in Tenable Identity Exposure Secure Relay
2024-02-23 00:02:52
CVSS3
7.3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:L
AI Score
7.1
Confidence
High
EPSS
0
Percentile
9.6%
Related for CVE-2024-1683