Lucene search
Redhat.comRH:CVE-2024-43791HistoryAug 24, 2024 - 1:40 a.m.
CVE-2024-43791
2024-08-2401:40:13
redhat.com
access.redhat.com
1
requeststore 1.3.2
local users
arbitrary code
world-writable files
0666 permissions
security vulnerability
CVSS3
7.8
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS
0
Percentile
9.5%
A flaw was found in RequestStore, which provides per-request global storage. This flaw allows a malicious user to execute arbitrary code due to global permission issues.
Related
github
github
request_store has Incorrect Default Permissions
2024-08-23 18:54:26
cve
cve
CVE-2024-43791
2024-08-23 15:15:16
osv
osv
UBUNTU-CVE-2024-43791
2024-08-23 15:15:00
CVE-2024-43791
2024-08-23 15:15:16
request_store has Incorrect Default Permissions
2024-08-23 18:54:26
rubygems
rubygems
request_store has Incorrect Default Permissions
2024-08-22 21:00:00
vulnrichment
vulnrichment
CVE-2024-43791 RequestStore has Incorrect Default Permissions
2024-08-23 14:39:10
debiancve
debiancve
CVE-2024-43791
2024-08-23 15:15:16
nvd
nvd
CVE-2024-43791
2024-08-23 15:15:16
cvelist
cvelist
CVE-2024-43791 RequestStore has Incorrect Default Permissions
2024-08-23 14:39:10
ubuntucve
ubuntucve
CVE-2024-43791
2024-08-23 00:00:00
veracode
veracode
Incorrect Default Permissions
2024-08-26 08:45:46
CVSS3
7.8
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS
0
Percentile
9.5%
Related for RH:CVE-2024-43791