CVE-2024-2044

CVSS 3.1 Score 9.9 of 10 (high)

Details

Published Mar 7, 2024
Updated: Mar 23, 2024

Summary

CVE-2024-2044 is a path-traversal vulnerability affecting pgAdmin <= 8.3. On Windows, it allows an unauthenticated attacker to load and deserialize remote pickle objects, leading to potential code execution. On POSIX/Linux, an authenticated attacker can upload pickle objects and gain code execution. The base severity is rated CRITICAL, with a base score of 9.9 out of 10. The vulnerability poses a high risk to organizations because it can lead to unauthorized access, data compromise, and potential system compromise. To remediate it, upgrade pgAdmin to a version higher than 8.3 that includes the necessary security patches.
