Vulnerability Description
A vulnerability was found in Performance Co-Pilot (PCP). This flaw can only be exploited if an attacker has access to a compromised PCP system account. The issue is related to the pmpost tool, which is used to log messages in the system. Under certain conditions, it runs with high-level privileges.
CVSS Score
MEDIUM
Related Weaknesses (CWE)
References
- https://access.redhat.com/errata/RHSA-2024:6837
- https://access.redhat.com/errata/RHSA-2024:6840
- https://access.redhat.com/errata/RHSA-2024:6842
- https://access.redhat.com/errata/RHSA-2024:6843
- https://access.redhat.com/errata/RHSA-2024:6844
- https://access.redhat.com/errata/RHSA-2024:6846
- https://access.redhat.com/errata/RHSA-2024:6847
- https://access.redhat.com/errata/RHSA-2024:6848
- https://access.redhat.com/errata/RHSA-2024:9452
- https://access.redhat.com/security/cve/CVE-2024-45770
- https://bugzilla.redhat.com/show_bug.cgi?id=2310451
FAQ
What is CVE-2024-45770?
CVE-2024-45770 is a vulnerability with a CVSS score of 4.4 (MEDIUM). A vulnerability was found in Performance Co-Pilot (PCP). This flaw can only be exploited if an attacker has access to a compromised PCP system account. The issue is related to the pmpost tool, which i...
How severe is CVE-2024-45770?
CVE-2024-45770 has been rated MEDIUM with a CVSS base score of 4.4/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2024-45770?
Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.