Beyondtrust: Security Vulnerabilities
CVE-2024-12686
A vulnerability has been discovered in Privileged Remote Access (PRA) and Remote Support (RS) which can allow an attacker with existing administrative privileges to inject commands and run as a site user.
Known exploited
CVSS Score
6.6
EPSS Score
0.058
Published
2024-12-18
CVE-2024-12356
A critical vulnerability has been discovered in Privileged Remote Access (PRA) and Remote Support (RS) products which can allow an unauthenticated attacker to inject commands that are run as a site user.
Known exploited
CVSS Score
9.8
EPSS Score
0.937
Published
2024-12-17
A medium severity vulnerability has been identified within Privileged Identity which can allow an attacker to perform reflected cross-site scripting attacks.
CVSS Score
6.4
EPSS Score
0.002
Published
2024-10-30
A low severity vulnerability in BIPS has been identified where an attacker with high privileges or a compromised high privilege account can overwrite Read-Only smart rules via a specially crafted API request.
CVSS Score
3.3
EPSS Score
0.001
Published
2024-06-11
A medium severity vulnerability in BIPS has been identified where an authenticated attacker with high privileges can access the SSH private keys via an information leak in the server response.
CVSS Score
5.9
EPSS Score
0.002
Published
2024-06-11
Prior to 23.2, it is possible to perform arbitrary Server-Side requests via HTTP-based connectors within BeyondInsight, resulting in a server-side request forgery vulnerability.
CVSS Score
4.8
EPSS Score
0.001
Published
2024-06-04
Prior to 23.1, an information disclosure vulnerability exists within BeyondInsight which can allow an attacker to enumerate usernames.
CVSS Score
4.3
EPSS Score
0.001
Published
2024-06-04
Improper Privilege Management vulnerability in BeyondTrust U-Series Appliance on Windows, 64 bit (filesystem modules) allows DLL Side-Loading.This issue affects U-Series Appliance: from 3.4 before 4.0.3.
CVSS Score
8.8
EPSS Score
0.001
Published
2024-04-19
Improper Privilege Management vulnerability in BeyondTrust U-Series Appliance on Windows, 64 bit (local appliance api modules) allows Privilege Escalation.This issue affects U-Series Appliance: from 3.4 before 4.0.3.
CVSS Score
8.8
EPSS Score
0.001
Published
2024-04-19
An issue was discovered in BeyondTrust Privilege Management for Windows before 24.1. When an low-privileged user initiates a repair, there is an attack vector through which the user is able to execute any program with elevated privileges.
CVSS Score
6.3
EPSS Score
0.001
Published
2024-02-16
Page 1