Lucene search
Veracode Vulnerability DatabaseVERACODE:47409HistoryJun 07, 2024 - 6:59 a.m.
Privilege Escalation
2024-06-0706:59:05
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
3
snapd
software
vulnerability
privilege escalation
command-line argument parsing
unprivileged user
administrator privileges
CVSS3
8.1
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
AI Score
6.4
Confidence
High
EPSS
0
Percentile
15.5%
github.com/snapcore/snapd is vulnerable to Privilege Escalation. The vulnerability is due to improper command-line argument parsing, allowing an unprivileged user to trigger actions that require administrator privileges.
Related
nvd
nvd
CVE-2024-5138
2024-05-31 21:15:09
osv
osv
CVE-2024-5138 in github.com/snapcore/snapd
2024-06-14 13:41:08
CVE-2024-5138
2024-05-31 21:15:09
ubuntucve
ubuntucve
CVE-2024-5138
2024-05-24 00:00:00
debiancve
debiancve
CVE-2024-5138
2024-05-31 21:15:09
cvelist
cvelist
CVE-2024-5138
2024-05-31 21:02:19
vulnrichment
vulnrichment
CVE-2024-5138
2024-05-31 21:02:19
cve
cve
CVE-2024-5138
2024-05-31 21:15:09
redos
redos
ROS-20240910-07
2024-09-10 00:00:00
CVSS3
8.1
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
AI Score
6.4
Confidence
High
EPSS
0
Percentile
15.5%
Related for VERACODE:47409