CVE-2024-1973

By leveraging the vulnerability, lower-privileged users of Content Manager can manipulate Content Manager clients to elevate privileges and perform unauthorized operations.

CVSS v3 8.5 HIGH

8.5^/10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 6.0

Attack Vector NETWORK

Attack Complexity HIGH

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope CHANGED

References

Link	Resource
https://portal.microfocus.com/s/article/KM000027861

Configurations

No configuration.

History

26 Mar 2024, 12:55

Type	Values Removed	Values Added
Summary		(es) Al aprovechar la vulnerabilidad, los usuarios con menos privilegios de Content Manager pueden manipular los clientes de Content Manager para elevar sus privilegios y realizar operaciones no autorizadas.

25 Mar 2024, 22:37

Type	Values Removed	Values Added
New CVE

Information

Published : 2024-03-25 22:37

Updated : 2024-03-26 12:55

NVD link : CVE-2024-1973

Mitre link : CVE-2024-1973

CVE.ORG link : CVE-2024-1973

JSON object : View

Products Affected

No product.

CWE

CWE-269

Improper Privilege Management

8.5 /10