CVE-2024-55634
CVSS 3.1 Score 8.1 of 10 (high)
Details
Published Dec 10, 2024
Updated: Dec 11, 2024
CWE ID 289
CWE ID 178
Summary
CVE-2024-55634 is a newly disclosed vulnerability in Drupal Core that enables Privilege Escalation. Affected versions include Drupal Core from 8.0.0 to 10.2.10, 10.3.0 to 10.3.8, and 11.0.0 to 11.0.7. Malicious actors can exploit this flaw to gain elevated access, potentially leading to unauthorized modification or disclosure of sensitive data. Users of these affected Drupal versions are advised to install the available security updates promptly to mitigate this risk.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share
Affected Products
- Drupal
Affected Vendors
- Drupal