Vulnerability Description
An issue in Audimex EE versions 15.1.20 and earlier allows a remote attacker to escalate privileges. Analysis of the offline client code showed that any Audimex user, regardless of privilege level, can dump the whole Audimex database. This exposes the password hashes of any user, ongoing audit data and more.
CVSS Score
HIGH
References
- https://en.web-audimex.com/ee-auditmanagement
- https://github.com/Cameleon037/CVEs/blob/main/CVE-2024-51162/README.md
- https://github.com/Henkel-CyberVM/CVEs/tree/main/CVE-2024-51162
FAQ
What is CVE-2024-51162?
CVE-2024-51162 is a vulnerability with a CVSS score of 8.8 (HIGH). An issue in Audimex EE versions 15.1.20 and earlier allows a remote attacker to escalate privileges. Analyzing the offline client code, it was identified that it is possible for any user (with any p...
How severe is CVE-2024-51162?
CVE-2024-51162 has been rated HIGH with a CVSS base score of 8.8/10. Review the CVSS metrics above for a detailed severity breakdown.
Is there a patch for CVE-2024-51162?
Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.