{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2022-38774", "assignerOrgId": "271b6943-45a9-4f3a-ab4e-976f3fa05b5a", "assignerShortName": "elastic", "dateUpdated": "2024-08-03T11:02:14.633Z", "dateReserved": "2022-08-26T00:00:00", "datePublished": "2023-01-24T00:00:00"}, "containers": {"cna": {"providerMetadata": {"orgId": "271b6943-45a9-4f3a-ab4e-976f3fa05b5a", "shortName": "elastic", "dateUpdated": "2023-01-24T00:00:00"}, "descriptions": [{"lang": "en", "value": "An issue was discovered in the quarantine feature of Elastic Endpoint Security and Elastic Endgame for Windows, which could allow unprivileged users to elevate their privileges to those of the LocalSystem account."}], "affected": [{"vendor": "Elastic", "product": "Elastic Endpoint Security and Elastic Endgame Security", "versions": [{"version": "Elastic Security versions up to 7.17.6 and 8.3.3 and Elastic Endgame versions up to 3.62.2", "status": "affected"}]}], "references": [{"url": "https://www.elastic.co/community/security"}, {"url": "https://discuss.elastic.co/t/endpoint-security-8-4-0-7-17-7-and-endgame-3-62-3-security-statement/323754"}], "problemTypes": [{"descriptions": [{"type": "CWE", "lang": "en", "description": "CWE-269", "cweId": "CWE-269"}]}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T11:02:14.633Z"}, "title": "CVE Program Container", "references": [{"url": "https://www.elastic.co/community/security", "tags": ["x_transferred"]}, {"url": "https://discuss.elastic.co/t/endpoint-security-8-4-0-7-17-7-and-endgame-3-62-3-security-statement/323754", "tags": ["x_transferred"]}]}]}}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:elastic:endgame:*:*:*:*:*:*:*:*", "matchCriteriaId": "68A3A5B9-1D47-47FE-AD12-63171EA31A39", "versionEndIncluding": "3.62.2", "vulnerable": true}, {"criteria": "cpe:2.3:a:elastic:endpoint_security:*:*:*:*:*:*:*:*", "matchCriteriaId": "0EF52B19-206B-4614-B41A-A726CAA2F27D", "versionEndExcluding": "7.17.7", "vulnerable": true}, {"criteria": "cpe:2.3:a:elastic:endpoint_security:*:*:*:*:*:*:*:*", "matchCriteriaId": "0711CF67-EDFE-49CC-A3DA-F0C839662B14", "versionEndExcluding": "8.4.0", "versionStartIncluding": "8.0.0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "An issue was discovered in the quarantine feature of Elastic Endpoint Security and Elastic Endgame for Windows, which could allow unprivileged users to elevate their privileges to those of the LocalSystem account."}, {"lang": "es", "value": "Se descubri\u00f3 un problema en la funci\u00f3n de cuarentena de Elastic Endpoint Security y Elastic Endgame para Windows, que podr\u00eda permitir a los usuarios sin privilegios elevar sus permisos a los de la cuenta LocalSystem."}], "id": "CVE-2022-38774", "lastModified": "2024-11-21T07:17:04.167", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2023-01-26T21:15:49.903", "references": [{"source": "bressers@elastic.co", "tags": ["Vendor Advisory"], "url": "https://discuss.elastic.co/t/endpoint-security-8-4-0-7-17-7-and-endgame-3-62-3-security-statement/323754"}, {"source": "bressers@elastic.co", "tags": ["Vendor Advisory"], "url": "https://www.elastic.co/community/security"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://discuss.elastic.co/t/endpoint-security-8-4-0-7-17-7-and-endgame-3-62-3-security-statement/323754"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://www.elastic.co/community/security"}], "sourceIdentifier": "bressers@elastic.co", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-269"}], "source": "bressers@elastic.co", "type": "Secondary"}, {"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}