Lucene search
CatoCVE-2024-6974HistoryJul 31, 2024 - 5:15 p.m.
CVE-2024-6974
2024-07-3117:15:11
CWE-426
CWE-276
Cato
web.nvd.nist.gov
27
cato networks
windows
sdp client
local privilege escalation
CVSS3
8.8
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
AI Score
8.8
Confidence
High
EPSS
0
Percentile
9.4%
Cato Networks Windows SDP Client Local Privilege Escalation via self-upgradeThis issue affects SDP Client: before 5.10.34.
Affected configurations
Node
catonetworkscato_clientRange<5.10.34windows
| Vendor | Product | Version | CPE |
|---|---|---|---|
| catonetworks | cato_client | * | cpe:2.3:a:catonetworks:cato_client:*:*:*:*:*:windows:*:* |
CNA Affected
[
{
"defaultStatus": "unaffected",
"platforms": [
"Windows"
],
"product": "SDP Client",
"vendor": "Cato Networks",
"versions": [
{
"lessThan": "5.10.34",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
]
CVSS3
8.8
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
AI Score
8.8
Confidence
High
EPSS
0
Percentile
9.4%
Related for CVE-2024-6974