CVE-2024-47876 — HIGH (8.8)

Q: How severe is CVE-2024-47876?

CVE-2024-47876 has been rated HIGH with a CVSS base score of 8.8/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2024-47876?

Check the references section above for vendor advisories and patch information. Affected products include: Sakailms Sakai.

Vulnerability Description

Sakai is a Collaboration and Learning Environment. Starting in version 23.0 and prior to version 23.2, kernel users created with type roleview can log in as a normal user. This can result in illegal access being granted to the system. Version 23.3 fixes this vulnerability.

CVSS Score

8.8

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

HIGH

Integrity

HIGH

Availability

HIGH

Affected Products

Vendor	Product	Versions
Sakailms	Sakai	>= 23.0, < 23.2

Related Weaknesses (CWE)

CWE-285 CWE-863

References

https://github.com/sakaiproject/sakai/commit/a9aadd9347cfb204515e89ac0163e1be9e5Patch
https://github.com/sakaiproject/sakai/security/advisories/GHSA-cx95-q6gx-w4qpVendor Advisory
https://sakaiproject.atlassian.net/browse/SAK-50571Permissions Required

FAQ

What is CVE-2024-47876?

CVE-2024-47876 is a vulnerability with a CVSS score of 8.8 (HIGH). Sakai is a Collaboration and Learning Environment. Starting in version 23.0 and prior to version 23.2, kernel users created with type roleview can log in as a normal user. This can result in illegal a...

How severe is CVE-2024-47876?

CVE-2024-47876 has been rated HIGH with a CVSS base score of 8.8/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2024-47876?

Check the references section above for vendor advisories and patch information. Affected products include: Sakailms Sakai.