PT-2024-39247 · Unknown · Tr7 Application Security Platform
Anil Celik
+2
·
Published
2024-11-18
·
Updated
2024-11-18
·
CVE-2024-8781
CVSS v4.0
8.7
High
| Vector | AV:L/AC:H/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H |
Name of the Vulnerable Software and Affected Versions:
TR7 Application Security Platform (ASP) version 1.4.25.188
Description:
The issue affects the TR7 Application Security Platform (ASP) due to an Improper Protection of Alternate Path vulnerability, allowing Privilege Escalation and Privilege Abuse. This vulnerability enables Execution with Unnecessary Privileges.
Recommendations:
For version 1.4.25.188, upgrade to a newer version to avoid exploitation. As a temporary workaround, consider restricting privileges to minimize the risk of escalation.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Tr7 Application Security Platform