Main Vulnerability Database Vulnerabilities #VU98192

#VU98192 Improper Authorization in Windows Server - CVE-2024-38129

Published: October 8, 2024

Vulnerability identifier: #VU98192

Vulnerability risk: Medium

CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Green

CVE-ID: CVE-2024-38129

CWE-ID: CWE-285

Exploitation vector: Remote access

Exploit availability: No public exploit available

Vulnerable software:
Windows Server

Software vendor:
Microsoft

Description

The vulnerability allows a remote user to escalate privileges on the system.

The vulnerability exists due to improper authorization in Windows Kerberos, which leads to security restrictions bypass and privilege escalation.

Install updates from vendor's website.