Lucene search
HistoryMay 30, 2024 - 6:15 p.m.
CVE-2024-2421
lenels2 netbox
unauthenticated rce
cve-2024-2421
elevated permissions
access control
event monitoring
security vulnerability
9.3 High
CVSS4
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/SC:N/VI:H/SI:N/VA:H/SA:N
7.9 High
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
9.7%
LenelS2 NetBox access control and event monitoring system was discovered to contain an unauthenticated RCE in versions prior to and including 5.6.1, which allows an attacker to execute malicious commands with elevated permissions.
CNA Affected
[
{
"defaultStatus": "unaffected",
"product": "NetBox",
"vendor": "LenelS2",
"versions": [
{
"lessThanOrEqual": "5.6.1",
"status": "affected",
"version": "All",
"versionType": "custom"
}
]
}
]Related
vulnrichment
vulnrichment
CVE-2024-2421 LenelS2 NetBox Improper Neutralization of Special Elements
2024-05-30 17:24:33
nvd
nvd
CVE-2024-2421
2024-05-30 18:15:09
cvelist
cvelist
CVE-2024-2421 LenelS2 NetBox Improper Neutralization of Special Elements
2024-05-30 17:24:33
ics
ics
LenelS2 NetBox
2024-05-30 12:00:00
9.3 High
CVSS4
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/SC:N/VI:H/SI:N/VA:H/SA:N
7.9 High
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
9.7%
Related for CVE-2024-2421