{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-1591", "assignerOrgId": "13061848-ea10-403d-bd75-c83a022c2891", "state": "PUBLISHED", "assignerShortName": "BT", "dateReserved": "2024-02-16T17:32:29.581Z", "datePublished": "2024-02-16T18:54:33.382Z", "dateUpdated": "2024-08-01T18:48:20.658Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "platforms": ["Windows"], "product": "Privilege Management for Windows", "vendor": "BeyondTrust", "versions": [{"lessThan": "24.1", "status": "affected", "version": "1", "versionType": "custom"}]}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Prior to version 24.1, a local authenticated attacker can view Sysvol when Privilege Management for Windows is configured to use a GPO policy. This allows them to view the policy and potentially find configuration issues."}], "value": "Prior to version 24.1, a local authenticated attacker can view Sysvol when Privilege Management for Windows is configured to use a GPO policy. This allows them to view the policy and potentially find configuration issues."}], "impacts": [{"capecId": "CAPEC-176", "descriptions": [{"lang": "en", "value": "CAPEC-176 Configuration/Environment Manipulation"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 3.3, "baseSeverity": "LOW", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-200", "description": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "13061848-ea10-403d-bd75-c83a022c2891", "shortName": "BT", "dateUpdated": "2024-02-16T18:54:33.382Z"}, "references": [{"url": "https://www.beyondtrust.com/trust-center/security-advisories/bt24-02"}], "source": {"advisory": "BT24-02", "discovery": "UNKNOWN"}, "title": "Privilege Management for Windows < 24.1 Information Leak", "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}, "adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-1591", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-02-18T00:44:16.042553Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-04T18:00:12.988Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-01T18:48:20.658Z"}, "title": "CVE Program Container", "references": [{"url": "https://www.beyondtrust.com/trust-center/security-advisories/bt24-02", "tags": ["x_transferred"]}]}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://www.beyondtrust.com/trust-center/security-advisories/bt24-02", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-01T18:48:20.658Z"}}, {"metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-1591", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-02-18T00:44:16.042553Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-05-23T19:01:11.614Z"}, "title": "CISA ADP Vulnrichment"}], "cna": {"title": "Privilege Management for Windows < 24.1 Information Leak", "source": {"advisory": "BT24-02", "discovery": "UNKNOWN"}, "impacts": [{"capecId": "CAPEC-176", "descriptions": [{"lang": "en", "value": "CAPEC-176 Configuration/Environment Manipulation"}]}], "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 3.3, "attackVector": "LOCAL", "baseSeverity": "LOW", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "LOW"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "BeyondTrust", "product": "Privilege Management for Windows", "versions": [{"status": "affected", "version": "1", "lessThan": "24.1", "versionType": "custom"}], "platforms": ["Windows"], "defaultStatus": "unaffected"}], "references": [{"url": "https://www.beyondtrust.com/trust-center/security-advisories/bt24-02"}], "x_generator": {"engine": "Vulnogram 0.1.0-dev"}, "descriptions": [{"lang": "en", "value": "Prior to version 24.1, a local authenticated attacker can view Sysvol when Privilege Management for Windows is configured to use a GPO policy. This allows them to view the policy and potentially find configuration issues.", "supportingMedia": [{"type": "text/html", "value": "Prior to version 24.1, a local authenticated attacker can view Sysvol when Privilege Management for Windows is configured to use a GPO policy. This allows them to view the policy and potentially find configuration issues.", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-200", "description": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor"}]}], "providerMetadata": {"orgId": "13061848-ea10-403d-bd75-c83a022c2891", "shortName": "BT", "dateUpdated": "2024-02-16T18:54:33.382Z"}}}, "cveMetadata": {"cveId": "CVE-2024-1591", "state": "PUBLISHED", "dateUpdated": "2024-08-01T18:48:20.658Z", "dateReserved": "2024-02-16T17:32:29.581Z", "assignerOrgId": "13061848-ea10-403d-bd75-c83a022c2891", "datePublished": "2024-02-16T18:54:33.382Z", "assignerShortName": "BT"}, "dataVersion": "5.1"}

{"descriptions": [{"lang": "en", "value": "Prior to version 24.1, a local authenticated attacker can view Sysvol when Privilege Management for Windows is configured to use a GPO policy. This allows them to view the policy and potentially find configuration issues."}, {"lang": "es", "value": "Antes de la versi\u00f3n 24.1, un atacante autenticado local puede ver Sysvol cuando Privilege Management para Windows est\u00e1 configurado para usar una pol\u00edtica de GPO. Esto les permite ver la pol\u00edtica y potencialmente encontrar problemas de configuraci\u00f3n."}], "id": "CVE-2024-1591", "lastModified": "2024-11-21T08:50:54.090", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 3.3, "baseSeverity": "LOW", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 1.4, "source": "13061848-ea10-403d-bd75-c83a022c2891", "type": "Secondary"}]}, "published": "2024-02-16T19:15:08.207", "references": [{"source": "13061848-ea10-403d-bd75-c83a022c2891", "url": "https://www.beyondtrust.com/trust-center/security-advisories/bt24-02"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.beyondtrust.com/trust-center/security-advisories/bt24-02"}], "sourceIdentifier": "13061848-ea10-403d-bd75-c83a022c2891", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-200"}], "source": "13061848-ea10-403d-bd75-c83a022c2891", "type": "Secondary"}]}

{}