CVE-2024-51721 | THREATINT

Description

A code injection vulnerability in the SecuSUITE Server Web Administration Portal of SecuSUITE versions 5.0.420 and earlier could allow an attacker to potentially inject script commands or other executable content into the server that would run with root privilege.

PUBLISHED Reserved 2024-10-30 | Published 2024-11-12 | Updated 2024-11-12 | Assigner blackberry

HIGH: 7.3CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H

Problem types

CWE-59 Improper Link Resolution Before File Access ('Link Following')

Product status

Default status

unaffected

5.0.420

affected

References

support.blackberry.com/pkb/s/article/140220

cve.org (CVE-2024-51721)

nvd.nist.gov (CVE-2024-51721)

Download JSON