CVE-2024-3779

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2024-3779
Denial of service vulnerability present shortly after product installation or upgrade, potentially allowed an attacker to render ESET’s security product inoperable, provided non-default preconditions were met.

6.1 /10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 4.2

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact LOW

Availability Impact HIGH

Scope UNCHANGED

References
Link Resource
https://support.eset.com/en/ca8688 Vendor Advisory
https://support.eset.com/en/ca8688 Vendor Advisory
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:eset:internet_security:*:*:*:*:*:*:*:*
cpe:2.3:a:eset:nod32:*:*:*:*:*:*:*:*
cpe:2.3:a:eset:security:*:*:*:*:ultimate:*:*:*
cpe:2.3:a:eset:smart_security:*:*:*:*:premium:*:*:*

Configuration 2 (hide)

OR cpe:2.3:a:eset:endpoint_antivirus:*:*:*:*:*:windows:*:*
cpe:2.3:a:eset:endpoint_security:*:*:*:*:*:windows:*:*

Configuration 3 (hide)

cpe:2.3:a:eset:server_security:*:*:*:*:*:windows_server:*:*

Configuration 4 (hide)

cpe:2.3:a:eset:mail_security:*:*:*:*:*:exchange_server:*:*

Configuration 5 (hide)

cpe:2.3:a:eset:mail_security:-:*:*:*:*:domino:*:*

Configuration 6 (hide)

cpe:2.3:a:eset:security:*:*:*:*:*:sharepoint_server:*:*
History

21 Nov 2024, 09:30

Type Values Removed Values Added
References () https://support.eset.com/en/ca8688 - Vendor Advisory () https://support.eset.com/en/ca8688 - Vendor Advisory
CVSS v2 : unknown
v3 : 5.5 		v2 : unknown
v3 : 6.1

21 Aug 2024, 17:38

Type Values Removed Values Added
CPE cpe:2.3:a:eset:security:*:*:*:*:*:sharepoint_server:*:*
cpe:2.3:a:eset:smart_security:*:*:*:*:premium:*:*:*
cpe:2.3:a:eset:endpoint_security:*:*:*:*:*:windows:*:*
cpe:2.3:a:eset:internet_security:*:*:*:*:*:*:*:*
cpe:2.3:a:eset:mail_security:*:*:*:*:*:exchange_server:*:*
cpe:2.3:a:eset:endpoint_antivirus:*:*:*:*:*:windows:*:*
cpe:2.3:a:eset:server_security:*:*:*:*:*:windows_server:*:*
cpe:2.3:a:eset:security:*:*:*:*:ultimate:*:*:*
cpe:2.3:a:eset:mail_security:-:*:*:*:*:domino:*:*
cpe:2.3:a:eset:nod32:*:*:*:*:*:*:*:*
CVSS v2 : unknown
v3 : 6.1 		v2 : unknown
v3 : 5.5
First Time Eset internet Security
Eset mail Security
Eset smart Security
Eset server Security
Eset endpoint Security
Eset endpoint Antivirus
Eset nod32
Eset
Eset security
References () https://support.eset.com/en/ca8688 - () https://support.eset.com/en/ca8688 - Vendor Advisory
Summary
  • (es) La vulnerabilidad de denegación de servicio presente poco después de la instalación o actualización del producto, potencialmente permitió que un atacante dejara inoperable el producto de seguridad de ESET, siempre que se cumplieran condiciones previas no predeterminadas.

16 Jul 2024, 09:15

Type Values Removed Values Added
New CVE
Information

Published : 2024-07-16 09:15

Updated : 2024-11-21 09:30

NVD link : CVE-2024-3779

Mitre link : CVE-2024-3779

CVE.ORG link : CVE-2024-3779

JSON object : View

Products Affected

eset

  • mail_security
  • internet_security
  • security
  • smart_security
  • endpoint_antivirus
  • endpoint_security
  • server_security
  • nod32
CWE
CWE-276

Incorrect Default Permissions