CVE-2024-1155

Summary

Incorrect permissions in the installation directories for shared SystemLink Elixir based services may allow an authenticated user to potentially enable escalation of privilege via local access.

Affected Software

VendorProductVersion RangeStatus
NISystemLink Server0 <= 2023 Q3affected
NIFlexLogger0 <= 2022 Q3affected

Weaknesses

  • CWE-276: CWE-276 Incorrect Default Permissions

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

CVE Program Container

Additional References

References