CVE-2024-4395

🗓️ 27 Jun 2024 22:10:15Reported by JAMFType

XPC service in Jamf Compliance Editor allows local privilege escalatio

Reporter	Title	Published	Views	Family All 4
Cvelist	CVE-2024-4395 Lack of Client Validation in Jamf Compliance Editor's Helper Service May Result in Privilege Escalation	27 Jun 202421:28	–	cvelist
Vulnrichment	CVE-2024-4395 Lack of Client Validation in Jamf Compliance Editor's Helper Service May Result in Privilege Escalation	27 Jun 202421:28	–	vulnrichment
OSV	CVE-2024-4395	27 Jun 202422:15	–	osv
NVD	CVE-2024-4395	27 Jun 202422:15	–	nvd

[
  {
    "defaultStatus": "affected",
    "platforms": [
      "MacOS"
    ],
    "product": "Jamf Compliance Editor",
    "vendor": "JAMF",
    "versions": [
      {
        "lessThan": "1.3.1",
        "status": "affected",
        "version": "1",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
khronokernel	www.khronokernel.com/macos/2024/05/01/CVE-2024-4395.html
github	www.github.com/Jamf-Concepts/jamf-compliance-editor/releases/download/v1.3.1/JamfComplianceEditor.v1.3.1.pkg
trusted	www.trusted.jamf.com/docs/establishing-compliance-baselines
github	www.github.com/Jamf-Concepts/jamf-compliance-editor/raw/v1.3.1/Jamf%20Compliance%20Editor%20-%20User%20Guide.pdf

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

27 Jun 2024 22:15Current

7.4High risk

Vulners AI Score7.4

CVSS37.8

CVSS47.3

EPSS0.00045

SSVC

CWE-269