CVE-2024-12356

{"id": "CVE-2024-12356", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "13061848-ea10-403d-bd75-c83a022c2891", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 3.9}, {"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 3.9}]}, "published": "2024-12-17T05:15:06.413", "references": [{"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-12356", "tags": ["Third Party Advisory", "US Government Resource"], "source": "13061848-ea10-403d-bd75-c83a022c2891"}, {"url": "https://www.beyondtrust.com/trust-center/security-advisories/bt24-10", "tags": ["Vendor Advisory"], "source": "13061848-ea10-403d-bd75-c83a022c2891"}, {"url": "https://www.cve.org/CVERecord?id=CVE-2024-12356", "tags": ["Third Party Advisory", "US Government Resource"], "source": "13061848-ea10-403d-bd75-c83a022c2891"}, {"url": "https://attackerkb.com/topics/G5s8ZWAbYH/cve-2024-12356/rapid7-analysis", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Secondary", "source": "13061848-ea10-403d-bd75-c83a022c2891", "description": [{"lang": "en", "value": "CWE-77"}]}, {"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-77"}]}], "descriptions": [{"lang": "en", "value": "A critical vulnerability has been discovered in Privileged Remote Access (PRA) and Remote Support (RS) products which can allow an unauthenticated attacker to inject commands that are run as a site user."}, {"lang": "es", "value": "Se ha descubierto una vulnerabilidad cr\u00edtica en los productos Privileged Remote Access (PRA) and Remote Support (RS) que puede permitir que un atacante no autenticado inyecte comandos que se ejecutan como un usuario del sitio."}], "lastModified": "2025-02-17T21:15:10.327", "cisaActionDue": "2024-12-27", "cisaExploitAdd": "2024-12-19", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:beyondtrust:privileged_remote_access:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D402E4B5-D3EA-4AD1-8954-92FB6A873906", "versionEndIncluding": "24.3.1"}, {"criteria": "cpe:2.3:a:beyondtrust:remote_support:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AD0D0CD2-E8CE-40B6-B8F0-2FB1A98DA3F8", "versionEndIncluding": "24.3.1"}], "operator": "OR"}]}], "sourceIdentifier": "13061848-ea10-403d-bd75-c83a022c2891", "cisaRequiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "cisaVulnerabilityName": "BeyondTrust Privileged Remote Access (PRA) and Remote Support (RS) Command Injection Vulnerability "}