CVE-2024-24582 - Vulnerability Details

Improper input validation in XmlCli feature for UEFI firmware for some Intel(R) processors may allow privileged user to potentially enable escalation of privilege via local access.

Attack Vector Local

Attack Complexity High

Privileges Required High

Attack Requirements Present

User Interaction None

Vulnerable System Confidentiality Impact High

Vulnerable System Integrity Impact High

Vulnerable System Availability Impact High

Subsequent System Confidentiality Impact High

Subsequent System Integrity Impact High

Subsequent System Availability Impact High

Attack Vector Local

Attack Complexity High

Privileges Required High

Scope Changed

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation none

Automatable no

Technical Impact total

Vendors	Products
Redhat	Enterprise Linux Rhel Aus Rhel E4s Rhel Els Rhel Eus Rhel Tus

No data.

Package	CPE	Advisory	Released Date
Red Hat Enterprise Linux 7.7 Advanced Update Support
microcode_ctl-2:2.1-53.25.el7_7.1	cpe:/o:redhat:rhel_aus:7.7	RHBA-2025:2428	2025-03-06T00:00:00Z
Red Hat Enterprise Linux 7 Extended Lifecycle Support
microcode_ctl-2:2.1-73.23.el7_9	cpe:/o:redhat:rhel_els:7	RHEA-2025:2427	2025-03-06T00:00:00Z
Red Hat Enterprise Linux 8.2 Advanced Update Support
microcode_ctl-4:20191115-4.20250211.1.el8_2	cpe:/o:redhat:rhel_aus:8.2	RHEA-2025:2424	2025-03-06T00:00:00Z
Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support
microcode_ctl-4:20210216-1.20250211.1.el8_4	cpe:/o:redhat:rhel_aus:8.4	RHEA-2025:2423	2025-03-06T00:00:00Z
Red Hat Enterprise Linux 8.4 Telecommunications Update Service
microcode_ctl-4:20210216-1.20250211.1.el8_4	cpe:/o:redhat:rhel_tus:8.4	RHEA-2025:2423	2025-03-06T00:00:00Z
Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions
microcode_ctl-4:20210216-1.20250211.1.el8_4	cpe:/o:redhat:rhel_e4s:8.4	RHEA-2025:2423	2025-03-06T00:00:00Z
Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support
microcode_ctl-4:20220207-1.20250211.1.el8_6	cpe:/o:redhat:rhel_aus:8.6	RHEA-2025:2422	2025-03-06T00:00:00Z
Red Hat Enterprise Linux 8.6 Telecommunications Update Service
microcode_ctl-4:20220207-1.20250211.1.el8_6	cpe:/o:redhat:rhel_tus:8.6	RHEA-2025:2422	2025-03-06T00:00:00Z
Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions
microcode_ctl-4:20220207-1.20250211.1.el8_6	cpe:/o:redhat:rhel_e4s:8.6	RHEA-2025:2422	2025-03-06T00:00:00Z
Red Hat Enterprise Linux 8.8 Extended Update Support
microcode_ctl-4:20220809-2.20250211.1.el8_8	cpe:/o:redhat:rhel_eus:8.8	RHEA-2025:2421	2025-03-06T00:00:00Z
Red Hat Enterprise Linux 9
microcode_ctl-4:20240910-1.20250211.1.el9_5	cpe:/o:redhat:enterprise_linux:9	RHBA-2025:2991	2025-03-18T00:00:00Z
Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions
microcode_ctl-4:20220207-1.20250211.1.el9_0	cpe:/o:redhat:rhel_e4s:9.0	RHEA-2025:2419	2025-03-06T00:00:00Z
Red Hat Enterprise Linux 9.2 Extended Update Support
microcode_ctl-4:20220809-2.20250211.1.el9_2	cpe:/o:redhat:rhel_eus:9.2	RHEA-2025:2420	2025-03-06T00:00:00Z
Red Hat Enterprise Linux 9.4 Extended Update Support
microcode_ctl-4:20230808-2.20250211.1.el9_4	cpe:/o:redhat:rhel_eus:9.4	RHEA-2025:2418	2025-03-06T00:00:00Z

References

Link	Providers
https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01139.html
https://nvd.nist.gov/vuln/detail/CVE-2024-24582
https://www.cve.org/CVERecord?id=CVE-2024-24582

History

Fri, 21 Mar 2025 15:30:00 +0000

Type	Values Removed	Values Added
First Time appeared		Redhat enterprise Linux Redhat rhel Els
CPEs		cpe:/o:redhat:enterprise_linux:9 cpe:/o:redhat:rhel_aus:8.2 cpe:/o:redhat:rhel_aus:8.4 cpe:/o:redhat:rhel_e4s:8.4 cpe:/o:redhat:rhel_e4s:9.0 cpe:/o:redhat:rhel_els:7 cpe:/o:redhat:rhel_eus:8.8 cpe:/o:redhat:rhel_eus:9.2 cpe:/o:redhat:rhel_tus:8.4
Vendors & Products		Redhat enterprise Linux Redhat rhel Els

Thu, 20 Mar 2025 15:30:00 +0000

Type	Values Removed	Values Added
First Time appeared		Redhat Redhat rhel Aus Redhat rhel E4s Redhat rhel Eus Redhat rhel Tus
CPEs		cpe:/o:redhat:rhel_aus:7.7 cpe:/o:redhat:rhel_aus:8.6 cpe:/o:redhat:rhel_e4s:8.6 cpe:/o:redhat:rhel_eus:9.4 cpe:/o:redhat:rhel_tus:8.6
Vendors & Products		Redhat Redhat rhel Aus Redhat rhel E4s Redhat rhel Eus Redhat rhel Tus

Fri, 14 Feb 2025 01:45:00 +0000

Type	Values Removed	Values Added
Title		microcode_ctl: Improper input validation in XmlCli feature for UEFI firmware
References		https://nvd.nist.gov/vuln/detail/CVE-2024-24582 https://www.cve.org/CVERecord?id=CVE-2024-24582
Metrics	threat_severity `None`	threat_severity `Important`

Thu, 13 Feb 2025 20:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}`

Wed, 12 Feb 2025 21:30:00 +0000

Type	Values Removed	Values Added
Description		Improper input validation in XmlCli feature for UEFI firmware for some Intel(R) processors may allow privileged user to potentially enable escalation of privilege via local access.
Weaknesses		CWE-20
References		https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01139.html
Metrics		cvssV3_1 `{'score': 7.5, 'vector': 'CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H'}` cvssV4_0 `{'score': 8.7, 'vector': 'CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H'}`

MITRE

Status: PUBLISHED

Assigner: intel

Published: 2025-02-12T21:19:27.722Z

Updated: 2025-02-13T19:49:24.698Z

Reserved: 2024-03-27T03:00:07.339Z

Link: CVE-2024-24582

Vulnrichment

Updated: 2025-02-13T19:49:08.242Z

NVD

Status : Received

Published: 2025-02-12T22:15:31.367

Modified: 2025-02-12T22:15:31.367

Link: CVE-2024-24582

Redhat

Severity : Important

Publid Date: 2025-02-12T21:19:27Z

Links: CVE-2024-24582 - Bugzilla

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-24582", "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce", "state": "PUBLISHED", "assignerShortName": "intel", "dateReserved": "2024-03-27T03:00:07.339Z", "datePublished": "2025-02-12T21:19:27.722Z", "dateUpdated": "2025-02-13T19:49:24.698Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce", "shortName": "intel", "dateUpdated": "2025-02-12T21:19:27.722Z"}, "problemTypes": [{"descriptions": [{"lang": "en", "description": "Escalation of Privilege"}, {"lang": "en", "description": "Improper Input Validation", "cweId": "CWE-20", "type": "CWE"}]}], "affected": [{"vendor": "n/a", "product": "Intel(R) processors", "versions": [{"version": "See references", "status": "affected"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "Improper input validation in XmlCli feature for UEFI firmware for some Intel(R) processors may allow privileged user to potentially enable escalation of privilege via local access."}], "references": [{"name": "https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01139.html", "url": "https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01139.html"}], "metrics": [{"format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}], "cvssV3_1": {"version": "3.1", "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H", "attackVector": "LOCAL", "attackComplexity": "HIGH", "privilegesRequired": "HIGH", "userInteraction": "NONE", "scope": "CHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH"}, "cvssV4_0": {"version": "4.0", "baseScore": 8.7, "baseSeverity": "HIGH", "vectorString": "CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H", "attackVector": "LOCAL", "attackComplexity": "HIGH", "attackRequirements": "PRESENT", "privilegesRequired": "HIGH", "userInteraction": "NONE", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "vulnAvailabilityImpact": "HIGH", "subConfidentialityImpact": "HIGH", "subIntegrityImpact": "HIGH", "subAvailabilityImpact": "HIGH"}}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-02-13T19:49:18.333230Z", "id": "CVE-2024-24582", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-02-13T19:49:24.698Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-24582", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2025-02-13T19:49:18.333230Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-02-13T19:49:08.242Z"}}], "cna": {"metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "CHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}, "cvssV4_0": {"version": "4.0", "baseScore": 8.7, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H", "userInteraction": "NONE", "attackComplexity": "HIGH", "attackRequirements": "PRESENT", "privilegesRequired": "HIGH", "subIntegrityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "subAvailabilityImpact": "HIGH", "vulnAvailabilityImpact": "HIGH", "subConfidentialityImpact": "HIGH", "vulnConfidentialityImpact": "HIGH"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "n/a", "product": "Intel(R) processors", "versions": [{"status": "affected", "version": "See references"}], "defaultStatus": "unaffected"}], "references": [{"url": "https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01139.html", "name": "https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01139.html"}], "descriptions": [{"lang": "en", "value": "Improper input validation in XmlCli feature for UEFI firmware for some Intel(R) processors may allow privileged user to potentially enable escalation of privilege via local access."}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "Escalation of Privilege"}, {"lang": "en", "type": "CWE", "cweId": "CWE-20", "description": "Improper Input Validation"}]}], "providerMetadata": {"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce", "shortName": "intel", "dateUpdated": "2025-02-12T21:19:27.722Z"}}}, "cveMetadata": {"cveId": "CVE-2024-24582", "state": "PUBLISHED", "dateUpdated": "2025-02-13T19:49:24.698Z", "dateReserved": "2024-03-27T03:00:07.339Z", "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce", "datePublished": "2025-02-12T21:19:27.722Z", "assignerShortName": "intel"}, "dataVersion": "5.1"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "Improper input validation in XmlCli feature for UEFI firmware for some Intel(R) processors may allow privileged user to potentially enable escalation of privilege via local access."}], "id": "CVE-2024-24582", "lastModified": "2025-02-12T22:15:31.367", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 0.8, "impactScore": 6.0, "source": "secure@intel.com", "type": "Secondary"}], "cvssMetricV40": [{"cvssData": {"attackComplexity": "HIGH", "attackRequirements": "PRESENT", "attackVector": "LOCAL", "automatable": "NOT_DEFINED", "availabilityRequirements": "NOT_DEFINED", "baseScore": 8.7, "baseSeverity": "HIGH", "confidentialityRequirements": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirements": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubsequentSystemAvailability": "NOT_DEFINED", "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnerableSystemAvailability": "NOT_DEFINED", "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", "privilegesRequired": "HIGH", "providerUrgency": "NOT_DEFINED", "recovery": "NOT_DEFINED", "safety": "NOT_DEFINED", "subsequentSystemAvailability": "HIGH", "subsequentSystemConfidentiality": "HIGH", "subsequentSystemIntegrity": "HIGH", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnerabilityResponseEffort": "NOT_DEFINED", "vulnerableSystemAvailability": "HIGH", "vulnerableSystemConfidentiality": "HIGH", "vulnerableSystemIntegrity": "HIGH"}, "source": "secure@intel.com", "type": "Secondary"}]}, "published": "2025-02-12T22:15:31.367", "references": [{"source": "secure@intel.com", "url": "https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01139.html"}], "sourceIdentifier": "secure@intel.com", "vulnStatus": "Received", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-20"}], "source": "secure@intel.com", "type": "Primary"}]}

{"affected_release": [{"advisory": "RHBA-2025:2428", "cpe": "cpe:/o:redhat:rhel_aus:7.7", "package": "microcode_ctl-2:2.1-53.25.el7_7.1", "product_name": "Red Hat Enterprise Linux 7.7 Advanced Update Support", "release_date": "2025-03-06T00:00:00Z"}, {"advisory": "RHEA-2025:2427", "cpe": "cpe:/o:redhat:rhel_els:7", "package": "microcode_ctl-2:2.1-73.23.el7_9", "product_name": "Red Hat Enterprise Linux 7 Extended Lifecycle Support", "release_date": "2025-03-06T00:00:00Z"}, {"advisory": "RHEA-2025:2424", "cpe": "cpe:/o:redhat:rhel_aus:8.2", "package": "microcode_ctl-4:20191115-4.20250211.1.el8_2", "product_name": "Red Hat Enterprise Linux 8.2 Advanced Update Support", "release_date": "2025-03-06T00:00:00Z"}, {"advisory": "RHEA-2025:2423", "cpe": "cpe:/o:redhat:rhel_aus:8.4", "package": "microcode_ctl-4:20210216-1.20250211.1.el8_4", "product_name": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support", "release_date": "2025-03-06T00:00:00Z"}, {"advisory": "RHEA-2025:2423", "cpe": "cpe:/o:redhat:rhel_tus:8.4", "package": "microcode_ctl-4:20210216-1.20250211.1.el8_4", "product_name": "Red Hat Enterprise Linux 8.4 Telecommunications Update Service", "release_date": "2025-03-06T00:00:00Z"}, {"advisory": "RHEA-2025:2423", "cpe": "cpe:/o:redhat:rhel_e4s:8.4", "package": "microcode_ctl-4:20210216-1.20250211.1.el8_4", "product_name": "Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions", "release_date": "2025-03-06T00:00:00Z"}, {"advisory": "RHEA-2025:2422", "cpe": "cpe:/o:redhat:rhel_aus:8.6", "package": "microcode_ctl-4:20220207-1.20250211.1.el8_6", "product_name": "Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support", "release_date": "2025-03-06T00:00:00Z"}, {"advisory": "RHEA-2025:2422", "cpe": "cpe:/o:redhat:rhel_tus:8.6", "package": "microcode_ctl-4:20220207-1.20250211.1.el8_6", "product_name": "Red Hat Enterprise Linux 8.6 Telecommunications Update Service", "release_date": "2025-03-06T00:00:00Z"}, {"advisory": "RHEA-2025:2422", "cpe": "cpe:/o:redhat:rhel_e4s:8.6", "package": "microcode_ctl-4:20220207-1.20250211.1.el8_6", "product_name": "Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions", "release_date": "2025-03-06T00:00:00Z"}, {"advisory": "RHEA-2025:2421", "cpe": "cpe:/o:redhat:rhel_eus:8.8", "package": "microcode_ctl-4:20220809-2.20250211.1.el8_8", "product_name": "Red Hat Enterprise Linux 8.8 Extended Update Support", "release_date": "2025-03-06T00:00:00Z"}, {"advisory": "RHBA-2025:2991", "cpe": "cpe:/o:redhat:enterprise_linux:9", "package": "microcode_ctl-4:20240910-1.20250211.1.el9_5", "product_name": "Red Hat Enterprise Linux 9", "release_date": "2025-03-18T00:00:00Z"}, {"advisory": "RHEA-2025:2419", "cpe": "cpe:/o:redhat:rhel_e4s:9.0", "package": "microcode_ctl-4:20220207-1.20250211.1.el9_0", "product_name": "Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions", "release_date": "2025-03-06T00:00:00Z"}, {"advisory": "RHEA-2025:2420", "cpe": "cpe:/o:redhat:rhel_eus:9.2", "package": "microcode_ctl-4:20220809-2.20250211.1.el9_2", "product_name": "Red Hat Enterprise Linux 9.2 Extended Update Support", "release_date": "2025-03-06T00:00:00Z"}, {"advisory": "RHEA-2025:2418", "cpe": "cpe:/o:redhat:rhel_eus:9.4", "package": "microcode_ctl-4:20230808-2.20250211.1.el9_4", "product_name": "Red Hat Enterprise Linux 9.4 Extended Update Support", "release_date": "2025-03-06T00:00:00Z"}], "bugzilla": {"description": "microcode_ctl: Improper input validation in XmlCli feature for UEFI firmware", "id": "2345376", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2345376"}, "csaw": false, "cvss3": {"cvss3_base_score": "7.5", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H", "status": "verified"}, "cwe": "CWE-20", "details": ["Improper input validation in XmlCli feature for UEFI firmware for some Intel(R) processors may allow privileged user to potentially enable escalation of privilege via local access.", "An improper input validation flaw was found in the XmlCli feature for UEFI firmware. Some Intel(R) processors may allow a privileged user to enable privilege escalation via local access."], "name": "CVE-2024-24582", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Affected", "package_name": "microcode_ctl", "product_name": "Red Hat Enterprise Linux 8"}], "public_date": "2025-02-12T21:19:27Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2024-24582\nhttps://nvd.nist.gov/vuln/detail/CVE-2024-24582\nhttps://intel.com/content/www/us/en/security-center/advisory/intel-sa-01139.html"], "statement": "Red Hat has given this vulnerability the impact rating of Important due to the potential of escalating privileges locally.", "threat_severity": "Important"}

Metrics

Attack Vector Local

Attack Complexity High

Privileges Required High

Attack Requirements Present

User Interaction None

Vulnerable System Confidentiality Impact High

Vulnerable System Integrity Impact High

Vulnerable System Availability Impact High

Subsequent System Confidentiality Impact High

Subsequent System Integrity Impact High

Subsequent System Availability Impact High

Attack Vector Local

Attack Complexity High

Privileges Required High

Scope Changed

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Exploitation none

Automatable no

Technical Impact total

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object