CVE-2024-5812
LOW EPSS 18.2%
Published Jun 11, 20242y ago · Modified Jun 17, 20262w ago
2.7 CVSS 3.1
Published Jun 11, 2024 2y ago
Last Modified Jun 17, 2026 2w ago
Description
A low severity vulnerability in BIPS has been identified where an attacker with high privileges or a compromised high privilege account can overwrite Read-Only smart rules via a specially crafted API request.
CVSS Details
Base Score
Exploitability
Impact
Vector string
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N Attack Vector Network
Attack Complexity Low
Privileges Required High
User Interaction None
Scope Unchanged
Confidentiality None
Integrity Low
Availability None
Threat Intelligence
EPSS Exploit Probability
18.2% percentile
Exploit & Patch Status
No Known Exploit
No Patch Available
Weaknesses 1
CWE-290
Affected Products 3
| Vendor | Product | Version | Range |
|---|---|---|---|
| beyondtrust | beyondinsight_password_safe | * | ≥23.2 – <23.2.0.1293 |
| beyondtrust | beyondinsight_password_safe | * | ≥23.3 – <23.3.0.959 |
| beyondtrust | beyondinsight_password_safe | 24.1 | any |
References 1
- beyondtrust.com https://www.beyondtrust.com/trust-center/security-advisories/bt24-07
Remediation
No remediation data recorded yet
Check vendor advisories and the NVD entry for patch availability.