Incorrect default permissions in the AMD Provisioning Console installation directory could allow an attacker to achieve privilege escalation, potentially resulting in arbitrary code execution.
History

Wed, 18 Dec 2024 19:15:00 +0000

Type Values Removed Values Added
First Time appeared Amd provisioning Console
CPEs cpe:2.3:a:amd:provisioning_console:*:*:*:*:*:*:*:*
Vendors & Products Amd provisioning Console

Thu, 14 Nov 2024 17:15:00 +0000

Type Values Removed Values Added
First Time appeared Amd
Amd provisioning Console Apc Software
CPEs cpe:2.3:a:amd:provisioning_console_apc_software:*:*:*:*:*:*:*:*
Vendors & Products Amd
Amd provisioning Console Apc Software
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Tue, 12 Nov 2024 17:30:00 +0000

Type Values Removed Values Added
Description Incorrect default permissions in the AMD Provisioning Console installation directory could allow an attacker to achieve privilege escalation, potentially resulting in arbitrary code execution.
Weaknesses CWE-276
References
Metrics cvssV3_1

{'score': 7.3, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H'}


cve-icon MITRE

Status: PUBLISHED

Assigner: AMD

Published: 2024-11-12T17:16:23.733Z

Updated: 2024-11-14T16:18:09.623Z

Reserved: 2024-01-03T16:43:26.978Z

Link: CVE-2024-21958

cve-icon Vulnrichment

Updated: 2024-11-14T16:18:02.564Z

cve-icon NVD

Status : Analyzed

Published: 2024-11-12T18:15:19.340

Modified: 2024-12-18T18:57:53.727

Link: CVE-2024-21958

cve-icon Redhat

No data.