Lucene search

K

[email protected]NVD:CVE-2024-25421

HistoryMar 26, 2024 - 9:15 p.m.

CVE-2024-25421

2024-03-2621:15:52

[email protected]

web.nvd.nist.gov

ignite realtime

openfire

privilege escalation

remote attacker

room_cache

6.8 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

15.6%

An issue in Ignite Realtime Openfire v.4.9.0 and before allows a remote attacker to escalate privileges via the ROOM_CACHE component.

References

github.com/igniterealtime/Openfire/blob/main/xmppserver/src/main/java/org/jivesoftware/openfire/muc/spi/LocalMUCRoomManager.java

www.hackthebox.com/blog/openfire-cves-explained-CVE-2024-25420-CVE-2024-25421

www.igniterealtime.org/projects/openfire/

6.8 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

15.6%

Related for NVD:CVE-2024-25421

cve1 cvelist1 github1 osv2