Lucene search
MicrosoftCVE-2024-38176HistoryJul 23, 2024 - 10:15 p.m.
CVE-2024-38176
2024-07-2322:15:08
CWE-307
microsoft
web.nvd.nist.gov
34
groupme
authentication restriction
unauthenticated
privilege escalation
network
CVSS3
8.1
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
8.2
Confidence
High
EPSS
0.002
Percentile
61.1%
An improper restriction of excessive authentication attempts in GroupMe allows a unauthenticated attacker to elevate privileges over a network.
Affected configurations
Node
microsoftgroupmeMatch-
CNA Affected
[
{
"vendor": "Microsoft",
"product": "GroupMe",
"cpes": [
"cpe:2.3:a:microsoft:groupme:*:*:*:*:*:*:*:*"
],
"platforms": [
"Unknown"
],
"versions": [
{
"version": "N/A",
"status": "affected"
}
]
}
]Related
nvd
nvd
CVE-2024-38176
2024-07-23 22:15:08
mscve
mscve
GroupMe Elevation of Privilege Vulnerability
2024-07-23 07:00:00
cvelist
cvelist
CVE-2024-38176 GroupMe Elevation of Privilege Vulnerability
2024-07-23 21:26:48
vulnrichment
vulnrichment
CVE-2024-38176 GroupMe Elevation of Privilege Vulnerability
2024-07-23 21:26:48
kaspersky
kaspersky
KLA71014 PE vulnerabilities in Microsoft Apps
2024-07-23 00:00:00
CVSS3
8.1
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
8.2
Confidence
High
EPSS
0.002
Percentile
61.1%
Related for CVE-2024-38176