ГлавнаяУязвимости → CVE-2024-24722
9.1критическая

CVE-2024-24722

→ есть в БДУ: BDU:2024-04532 (на русском)
Описание (на английском; русское — в БДУ выше)

An unquoted service path vulnerability in the 12d Synergy Server and File Replication Server components may allow an attacker to gain elevated privileges via the 12d Synergy Server and/or 12d Synergy File Replication Server executable service path. This is fixed in 4.3.10.192, 5.1.5.221, and 5.1.6.235.

Затрагиваемое ПО
12dsynergy 12dsynergy12dsynergy File replication server
CVSS
Балл9.1 — критическая
ВекторCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
Источники
https://files.12dsynergy.com/downloads/download.aspxhttps://help.12dsynergy.com/v1/docs/cve-2024-24722https://www.12dsynergy.com/security-statement/https://files.12dsynergy.com/downloads/download.aspxhttps://help.12dsynergy.com/v1/docs/cve-2024-24722https://www.12dsynergy.com/security-statement/