CWE-269: Improper Privilege Management vulnerability exists that could cause unauthorized
access, loss of confidentiality, integrity and availability of the workstation when non-admin
authenticated user tries to perform privilege escalation by tampering with the binaries.
Fixes

Solution

No solution given by the vendor.


Workaround

No workaround given by the vendor.

History

Wed, 18 Sep 2024 20:15:00 +0000

Type Values Removed Values Added
First Time appeared Schneider-electric vijeo Designer Embedded In Ecostruxure Machine Expert
Weaknesses NVD-CWE-noinfo
CPEs cpe:2.3:a:schneider-electric:vijeo_designer:6.3:-:*:*:*:*:*:*
cpe:2.3:a:schneider-electric:vijeo_designer_embedded_in_ecostruxure_machine_expert:*:*:*:*:*:*:*:*
Vendors & Products Schneider-electric vijeo Designer Embedded In Ecostruxure Machine Expert

Wed, 11 Sep 2024 19:30:00 +0000

Type Values Removed Values Added
First Time appeared Schneider-electric
Schneider-electric vijeo Designer
CPEs cpe:2.3:a:schneider-electric:vijeo_designer:*:*:*:*:*:*:*:*
Vendors & Products Schneider-electric
Schneider-electric vijeo Designer
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Wed, 11 Sep 2024 15:15:00 +0000

Type Values Removed Values Added
Description CWE-269: Improper Privilege Management vulnerability exists that could cause unauthorized access, loss of confidentiality, integrity and availability of the workstation when non-admin authenticated user tries to perform privilege escalation by tampering with the binaries.
Weaknesses CWE-269
References
Metrics cvssV3_1

{'score': 7.8, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H'}


cve-icon MITRE

Status: PUBLISHED

Assigner: schneider

Published:

Updated: 2024-09-11T18:21:20.415Z

Reserved: 2024-08-29T09:01:34.777Z

Link: CVE-2024-8306

cve-icon Vulnrichment

Updated: 2024-09-11T18:21:06.365Z

cve-icon NVD

Status : Analyzed

Published: 2024-09-11T15:15:18.827

Modified: 2024-09-18T19:51:14.850

Link: CVE-2024-8306

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.