CVE-2024-29417

2024-05-0315:15:08

[email protected]

web.nvd.nist.gov

insecure permissions

e-trust horacius

privilege escalation

password reset

6.7 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

9.1%

JSON

Insecure Permissions vulnerability in e-trust Horacius 1.0, 1.1, and 1.2 allows a local attacker to escalate privileges via the password reset function.

References

blog.pridesec.com.br/en/horacius-unauthenticated-privilege-escalation/