CVE-2024-667712.07.2024, 03:15Privilege escalation in uberAgentEnginsightProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVectorNISTNIST7.8 HIGHLOCALLOWLOWCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HCitrixCNA------CISA-ADPADP------CVEADP------Base ScoreCVSS 3.xEPSS ScorePercentile: 27%VendorProductVersioncitrixuberagent𝑥< 7.2.1𝑥= Vulnerable software versionsCommon Weakness EnumerationCWE-269 - Improper Privilege ManagementThe software does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.Referenceshttps://support.citrix.com/article/CTX691103/citrix-uberagent-security-bulletin-for-cve20246677https://support.citrix.com/external/article/691103/citrix-uberagent-security-bulletin-for-c.htmlhttps://support.citrix.com/article/CTX691103/citrix-uberagent-security-bulletin-for-cve20246677