CVE-2024-45770
Severity CVSS v4.0:
Pending analysis
Type:
CWE-59
Link Following
Publication date:
19/09/2024
Last modified:
12/11/2024
Description
A vulnerability was found in Performance Co-Pilot (PCP). This flaw can only be exploited if an attacker has access to a compromised PCP system account. The issue is related to the pmpost tool, which is used to log messages in the system. Under certain conditions, it runs with high-level privileges.
Impact
Base Score 3.x
4.40
Severity 3.x
MEDIUM
References to Advisories, Solutions, and Tools
- https://access.redhat.com/errata/RHSA-2024:6837
- https://access.redhat.com/errata/RHSA-2024:6840
- https://access.redhat.com/errata/RHSA-2024:6842
- https://access.redhat.com/errata/RHSA-2024:6843
- https://access.redhat.com/errata/RHSA-2024:6844
- https://access.redhat.com/errata/RHSA-2024:6846
- https://access.redhat.com/errata/RHSA-2024:6847
- https://access.redhat.com/errata/RHSA-2024:6848
- https://access.redhat.com/errata/RHSA-2024:9452
- https://access.redhat.com/security/cve/CVE-2024-45770
- https://bugzilla.redhat.com/show_bug.cgi?id=2310451