A vulnerability has been discovered in Privileged Remote Access (PRA) and Remote Support (RS) which can allow an attacker with existing administrative privileges to inject commands and run as a site user.
Metrics
Affected Vendors & Products
References
History
Wed, 18 Dec 2024 22:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
Wed, 18 Dec 2024 20:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | A vulnerability has been discovered in Privileged Remote Access (PRA) and Remote Support (RS) which can allow an attacker with existing administrative privileges to inject commands and run as a site user. | |
Title | Command Injection vulnerability in Remote Support(RS) & Privilege Remote Access (PRA) | |
Weaknesses | CWE-78 | |
References |
| |
Metrics |
cvssV3_1
|
MITRE
Status: PUBLISHED
Assigner: BT
Published: 2024-12-18T20:23:57.909Z
Updated: 2024-12-18T21:15:14.559Z
Reserved: 2024-12-16T18:58:57.921Z
Link: CVE-2024-12686
Vulnrichment
Updated: 2024-12-18T21:15:04.572Z
NVD
Status : Received
Published: 2024-12-18T21:15:08.020
Modified: 2024-12-18T21:15:08.020
Link: CVE-2024-12686
Redhat
No data.