CVE-2024-1591

Prior to version 24.1, a local authenticated attacker can view Sysvol when Privilege Management for Windows is configured to use a GPO policy. This allows them to view the policy and potentially find configuration issues.

CVSS v3 3.3 LOW

3.3^/10

CVSS v3 : LOW

Vector :

Exploitability : 1.8 / Impact : 1.4

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact LOW

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
https://www.beyondtrust.com/trust-center/security-advisories/bt24-02	Vendor Advisory
https://www.beyondtrust.com/trust-center/security-advisories/bt24-02	Vendor Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:beyondtrust:privilege_management_for_windows:*:*:*:*:*:*:*:*

History

No history.

Information

Published : 2024-02-16 19:15

Updated : 2025-02-07 15:07

NVD link : CVE-2024-1591

Mitre link : CVE-2024-1591

CVE.ORG link : CVE-2024-1591

JSON object : View

Products Affected

beyondtrust

privilege_management_for_windows

CWE

CWE-200

Exposure of Sensitive Information to an Unauthorized Actor

NVD-CWE-noinfo

{"id": "CVE-2024-1591", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "13061848-ea10-403d-bd75-c83a022c2891", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 3.3, "attackVector": "LOCAL", "baseSeverity": "LOW", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "LOW"}, "impactScore": 1.4, "exploitabilityScore": 1.8}, {"type": "Primary", "source": "[email protected]", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 3.3, "attackVector": "LOCAL", "baseSeverity": "LOW", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "LOW"}, "impactScore": 1.4, "exploitabilityScore": 1.8}]}, "published": "2024-02-16T19:15:08.207", "references": [{"url": "https://www.beyondtrust.com/trust-center/security-advisories/bt24-02", "tags": ["Vendor Advisory"], "source": "13061848-ea10-403d-bd75-c83a022c2891"}, {"url": "https://www.beyondtrust.com/trust-center/security-advisories/bt24-02", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "13061848-ea10-403d-bd75-c83a022c2891", "description": [{"lang": "en", "value": "CWE-200"}]}, {"type": "Primary", "source": "[email protected]", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "Prior to version 24.1, a local authenticated attacker can view Sysvol when Privilege Management for Windows is configured to use a GPO policy. This allows them to view the policy and potentially find configuration issues."}, {"lang": "es", "value": "Antes de la versi\u00f3n 24.1, un atacante autenticado local puede ver Sysvol cuando Privilege Management para Windows est\u00e1 configurado para usar una pol\u00edtica de GPO. Esto les permite ver la pol\u00edtica y potencialmente encontrar problemas de configuraci\u00f3n."}], "lastModified": "2025-02-07T15:07:53.133", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:beyondtrust:privilege_management_for_windows:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CCA4D726-9CA4-40F5-8779-2DDE3E39B9CB", "versionEndExcluding": "24.1"}], "operator": "OR"}]}], "sourceIdentifier": "13061848-ea10-403d-bd75-c83a022c2891"}