CVE-2024-12831
CVE-2024-12831
Título es
CVE-2024-12831
Vie, 20/12/2024 – 01:15
Tipo
CWE-863
Gravedad 2.0 Txt
Pendiente de análisis
Título en
CVE-2024-12831
Descripción en
Arista NG Firewall uvm_login Incorrect Authorization Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Arista NG Firewall. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
The specific flaw exists within the uvm_login module. The issue results from incorrect authorization. An attacker can leverage this to escalate privileges to resources normally protected from the user. Was ZDI-CAN-24324.
20/12/2024
20/12/2024
Vector CVSS:3.1
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L
Gravedad 3.1 (CVSS 3.1 Base Score)
6.60
Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)
MEDIUM
Enviar en el boletín
Off
