CVE-2024-7265
EUVD-2024-4821207.08.2024, 11:15
Incorrect User Management vulnerability in Naukowa i Akademicka Sieć Komputerowa - Państwowy Instytut Badawczy EZD RP allows logged-in user to change the password of any user, including root user, which could lead to privilege escalation. This issue affects EZD RP: from 15 before 15.84, from 16 before 16.15, from 17 before 17.2.Enginsight
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| nask | ezd_rp | 15 ≤ 𝑥 < 15.84 |
| nask | ezd_rp | 16 ≤ 𝑥 < 16.15 |
| nask | ezd_rp | 17 ≤ 𝑥 < 17.2 |
𝑥
= Vulnerable software versions
Early Detection
Affected products identified ahead of NVD analysis through intelligence sources.
| Vendor | Product | Version | Source |
|---|---|---|---|
| nask-pib | ezd_rp | 15 ≤ 𝑥 < 15.84 | ADP |
| nask-pib | ezd_rp | 16 ≤ 𝑥 < 16.15 | ADP |
| nask-pib | ezd_rp | 17 ≤ 𝑥 < 17.2 | ADP |