ГлавнаяУязвимости → CVE-2024-39934
7.8высокая

CVE-2024-39934

Описание

Robotmk before 2.0.1 allows a local user to escalate privileges (e.g., to SYSTEM) if automated Python environment setup is enabled, because the "shared holotree usage" feature allows any user to edit any Python environment.

CVSS
Балл7.8 — высокая
ВекторCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Источники
https://checkmk.com/werk/16434https://github.com/elabit/robotmk/commit/78c1174ab2df43813050d0c22e1efb8636f8715ehttps://github.com/elabit/robotmk/compare/v2.0.0...v2.0.1https://github.com/elabit/robotmk/releases/tag/v2.0.1https://checkmk.com/werk/16434https://github.com/elabit/robotmk/commit/78c1174ab2df43813050d0c22e1efb8636f8715ehttps://github.com/elabit/robotmk/compare/v2.0.0...v2.0.1https://github.com/elabit/robotmk/releases/tag/v2.0.1