Lucene search

CatoCVELIST:CVE-2024-6975

HistoryJul 31, 2024 - 4:55 p.m.

CVE-2024-6975 Cato Networks Windows SDP Client Local Privilege Escalation via openssl configuration file

2024-07-3116:55:55

CWE-426

Cato

www.cve.org

cato networks

windows

sdp client

local privilege escalation

openssl configuration file

cve-2024-6975

CVSS3

8.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

EPSS

Percentile

9.4%

JSON

Cato Networks Windows SDP Client Local Privilege Escalation via openssl configuration file.
This issue affects SDP Client before 5.10.34.

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "platforms": [
      "Windows"
    ],
    "product": "SDP Client",
    "vendor": "Cato Networks",
    "versions": [
      {
        "lessThan": "5.10.34",
        "status": "affected",
        "version": "0",
        "versionType": "custom"
      }
    ]
  }
]

References

support.catonetworks.com/hc/en-us/articles/19758025406621-CVE-2024-6975-Windows-SDP-Client-Local-Privilege-Escalation-via-openssl-configuration-file

CVSS3

8.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

EPSS

Percentile

9.4%

JSON

Related for CVELIST:CVE-2024-6975