Vulnerability Details CVE-2024-1156
Incorrect directory permissions for the shared NI RabbitMQ service may allow a local authenticated user to read RabbitMQ configuration information and potentially enable escalation of privileges.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 20.9%
CVSS Severity
CVSS v3 Score 7.8
References
- https://www.ni.com/en/support/security/available-critical-and-security-updates-for-ni-software/incorrect-permissions-for-shared-systemlink-elixir-based-service.html
- https://www.ni.com/en/support/security/available-critical-and-security-updates-for-ni-software/incorrect-permissions-for-shared-systemlink-elixir-based-service.html
Products affected by CVE-2024-1156
-
cpe:2.3:a:emerson:data_record_ad:-
-
cpe:2.3:a:emerson:data_record_ad:2.0.1
-
cpe:2.3:a:emerson:flexlogger:-
-
cpe:2.3:a:emerson:flexlogger:2022_q3
-
cpe:2.3:a:emerson:g_web_development_software:-
-
cpe:2.3:a:emerson:g_web_development_software:2022_q3
-
cpe:2.3:a:emerson:labview_nxg:5.1
-
cpe:2.3:a:emerson:specification_compliance_manager:-
-
cpe:2.3:a:emerson:specification_compliance_manager:2023_q4
-
cpe:2.3:a:emerson:static_test_software_suite:-
-
cpe:2.3:a:emerson:static_test_software_suite:1.2
-
cpe:2.3:a:emerson:sts_software_bundle:-
-
cpe:2.3:a:emerson:sts_software_bundle:21.0
-
cpe:2.3:a:emerson:systemlink_server:-
-
cpe:2.3:a:emerson:systemlink_server:2023_q3