In Telerik Test Studio versions prior to
v2023.3.1330, a privilege elevation vulnerability has been identified in the applications installer component. In an environment where an existing Telerik Test Studio install is present, a lower privileged user has the ability to manipulate the installation package to elevate their privileges on the underlying operating system.
References
Link | Resource |
---|---|
https://docs.telerik.com/teststudio/knowledge-base/product-notices-kb/legacy-installer-vulnerability | Vendor Advisory |
https://www.telerik.com/teststudio | Product |
Configurations
History
09 Feb 2024, 17:05
Type | Values Removed | Values Added |
---|---|---|
First Time |
Progress telerik Test Studio
Progress |
|
Summary |
|
|
References | () https://docs.telerik.com/teststudio/knowledge-base/product-notices-kb/legacy-installer-vulnerability - Vendor Advisory | |
References | () https://www.telerik.com/teststudio - Product | |
CPE | cpe:2.3:a:progress:telerik_test_studio:*:*:*:*:*:*:*:* | |
CWE | NVD-CWE-noinfo |
31 Jan 2024, 17:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
31 Jan 2024, 16:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-01-31 16:15
Updated : 2024-02-09 17:05
NVD link : CVE-2024-0833
Mitre link : CVE-2024-0833
CVE.ORG link : CVE-2024-0833
JSON object : View
Products Affected
progress
- telerik_test_studio
CWE