5 matches found
CVE-2024-2658
A misconfiguration in lmadmin.exe of FlexNet Publisher versions prior to 2024 R1 11.19.6.0 allows the OpenSSL configuration file to load from a non-existent directory. An unauthorized, locally authenticated user with low privileges can potentially create the directory and load a specially crafted...
CVE-2024-2658
creationtimestamp| type| source ---|---|--- 2025-01-30 17:14:49+00:00| seen| https://infosec.exchange/users/cve/statuses/113918429685955022 2025-01-30 17:15:42+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lgxydqje2a2b 2025-01-30 20:57:53+00:00| seen|...
CVE-2024-2658 Local privilege escalation in FlexNet Publisher
A misconfiguration in lmadmin.exe of FlexNet Publisher versions prior to 2024 R1 11.19.6.0 allows the OpenSSL configuration file to load from a non-existent directory. An unauthorized, locally authenticated user with low privileges can potentially create the directory and load a specially crafted...
CVE-2024-2658
CVE-2024-2658 describes a local privilege-escalation flaw in Flexera FlexNet Publisher prior to 2024 R1 (11.19.6.0) caused by a lmadmin.exe misconfiguration that allows the OpenSSL configuration file to load from a non-existent directory. An authenticated, low-privilege local user could create th...
Flexera FlexNet Publisher < 11.19.6 Privilege Escalation
A privilege escalation vulnerability exists in Flexera FlexNet Publisher due to an uncontrolled search path element. An authenticated, local attacker can exploit this, to gain elevated privileges access to the system. Note that Nessus has not tested for this issue but has instead relied only on t...