Netwrix CoSoSys Endpoint Protector through 5.9.3 and CoSoSys Unify through 7.0.6 contain a remote code execution vulnerability in the logging component of the Endpoint Protector and Unify server application which allows an unauthenticated remote attacker to send a malicious request, resulting in the ability to execute system commands with root privileges.
References
Configurations
No configuration.
History
09 Jul 2024, 16:22
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-779 | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 9.8 |
Summary |
|
27 Jun 2024, 21:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-06-27 21:15
Updated : 2024-07-09 16:22
NVD link : CVE-2024-36072
Mitre link : CVE-2024-36072
CVE.ORG link : CVE-2024-36072
JSON object : View
Products Affected
No product.
CWE
CWE-779
Logging of Excessive Data