Vulnerability Details CVE-2024-24722
An unquoted service path vulnerability in the 12d Synergy Server and File Replication Server components may allow an attacker to gain elevated privileges via the 12d Synergy Server and/or 12d Synergy File Replication Server executable service path. This is fixed in 4.3.10.192, 5.1.5.221, and 5.1.6.235.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 31.7%
CVSS Severity
CVSS v3 Score 9.1
References
- https://files.12dsynergy.com/downloads/download.aspx
- https://help.12dsynergy.com/v1/docs/cve-2024-24722
- https://www.12dsynergy.com/security-statement/
- https://files.12dsynergy.com/downloads/download.aspx
- https://help.12dsynergy.com/v1/docs/cve-2024-24722
- https://www.12dsynergy.com/security-statement/
Products affected by CVE-2024-24722
-
cpe:2.3:a:12dsynergy:12dsynergy:4.3.3.68
-
cpe:2.3:a:12dsynergy:12dsynergy:5.1.1.58
-
cpe:2.3:a:12dsynergy:12dsynergy:5.1.6.210
-
cpe:2.3:a:12dsynergy:file_replication_server:4.3.3.68
-
cpe:2.3:a:12dsynergy:file_replication_server:5.1.1.58
-
cpe:2.3:a:12dsynergy:file_replication_server:5.1.6.210