CVE-2024-1156

Summary

Incorrect directory permissions for the shared NI RabbitMQ service may allow a local authenticated user to read RabbitMQ configuration information and potentially enable escalation of privileges.

Affected Software

VendorProductVersion RangeStatus
NISystemLink Server0 <= 2023 Q3affected
NIFlexLogger0 <= 2022 Q3affected

Weaknesses

  • CWE-276: CWE-276 Incorrect Default Permissions

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References