CVE-2024-55634

CVSS 3.1 Score 8.1 of 10 (high)

Details

Published Dec 10, 2024
Updated: Dec 11, 2024
CWE ID 289
CWE ID 178

Summary

CVE-2024-55634 is a newly disclosed vulnerability in Drupal Core that enables Privilege Escalation. Affected versions include Drupal Core from 8.0.0 to 10.2.10, 10.3.0 to 10.3.8, and 11.0.0 to 11.0.7. Malicious actors can exploit this flaw to gain elevated access, potentially leading to unauthorized modification or disclosure of sensitive data. Users of these affected Drupal versions are advised to install the available security updates promptly to mitigate this risk.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share