CVE-2024-11075
CVSS 3.1 Score 8.8 of 10 (high)
Details
Published Nov 19, 2024
CWE ID 250
Summary
CVE-2024-11075 is a newly disclosed vulnerability affecting the Incoming Goods Suite. This issue grants unprivileged users, whether locally or via SSH, the ability to escalate their privileges to the administrative level. The root cause lies in the usage of Docker images with root permissions for the affected components. Successful exploitation of this misconfiguration enables an attacker to gain unauthorized administrative control over the entire system.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share