CVE-2024-1591

Prior to version 24.1, a local authenticated attacker can view Sysvol when Privilege Management for Windows is configured to use a GPO policy. This allows them to view the policy and potentially find configuration issues.

CVSS v3 3.3 LOW

3.3^/10

CVSS v3 : LOW

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 1.4

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact LOW

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
https://www.beyondtrust.com/trust-center/security-advisories/bt24-02	Vendor Advisory
https://www.beyondtrust.com/trust-center/security-advisories/bt24-02	Vendor Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:beyondtrust:privilege_management_for_windows:*:*:*:*:*:*:*:*

History

07 Feb 2025, 15:07

Type	Values Removed	Values Added
First Time		Beyondtrust Beyondtrust privilege Management For Windows
References	~~() https://www.beyondtrust.com/trust-center/security-advisories/bt24-02 -~~	() https://www.beyondtrust.com/trust-center/security-advisories/bt24-02 - Vendor Advisory
CWE		NVD-CWE-noinfo
CPE		cpe:2.3:a:beyondtrust:privilege_management_for_windows::::::::

21 Nov 2024, 08:50

Type	Values Removed	Values Added
References	~~() https://www.beyondtrust.com/trust-center/security-advisories/bt24-02 -~~	() https://www.beyondtrust.com/trust-center/security-advisories/bt24-02 -
Summary		(es) Antes de la versión 24.1, un atacante autenticado local puede ver Sysvol cuando Privilege Management para Windows está configurado para usar una política de GPO. Esto les permite ver la política y potencialmente encontrar problemas de configuración.

16 Feb 2024, 19:26

Type	Values Removed	Values Added
New CVE

Information

Published : 2024-02-16 19:15

Updated : 2025-02-07 15:07

NVD link : CVE-2024-1591

Mitre link : CVE-2024-1591

CVE.ORG link : CVE-2024-1591

JSON object : View

Products Affected

beyondtrust

privilege_management_for_windows

CWE

CWE-200

Exposure of Sensitive Information to an Unauthorized Actor

NVD-CWE-noinfo

{"id": "CVE-2024-1591", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "13061848-ea10-403d-bd75-c83a022c2891", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 3.3, "attackVector": "LOCAL", "baseSeverity": "LOW", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "LOW"}, "impactScore": 1.4, "exploitabilityScore": 1.8}, {"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 3.3, "attackVector": "LOCAL", "baseSeverity": "LOW", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "LOW"}, "impactScore": 1.4, "exploitabilityScore": 1.8}]}, "published": "2024-02-16T19:15:08.207", "references": [{"url": "https://www.beyondtrust.com/trust-center/security-advisories/bt24-02", "tags": ["Vendor Advisory"], "source": "13061848-ea10-403d-bd75-c83a022c2891"}, {"url": "https://www.beyondtrust.com/trust-center/security-advisories/bt24-02", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "13061848-ea10-403d-bd75-c83a022c2891", "description": [{"lang": "en", "value": "CWE-200"}]}, {"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "Prior to version 24.1, a local authenticated attacker can view Sysvol when Privilege Management for Windows is configured to use a GPO policy. This allows them to view the policy and potentially find configuration issues."}, {"lang": "es", "value": "Antes de la versi\u00f3n 24.1, un atacante autenticado local puede ver Sysvol cuando Privilege Management para Windows est\u00e1 configurado para usar una pol\u00edtica de GPO. Esto les permite ver la pol\u00edtica y potencialmente encontrar problemas de configuraci\u00f3n."}], "lastModified": "2025-02-07T15:07:53.133", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:beyondtrust:privilege_management_for_windows:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CCA4D726-9CA4-40F5-8779-2DDE3E39B9CB", "versionEndExcluding": "24.1"}], "operator": "OR"}]}], "sourceIdentifier": "13061848-ea10-403d-bd75-c83a022c2891"}

3.3 /10