CVE-2022-38774Improper Privilege Management in Endpoint Security

CWE-269Improper Privilege Management3 documents3 sources
Severity
7.8HIGHNVD
EPSS
0.1%
top 82.36%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
Elastic Endpoint SecurityElastic EndgameElastic Endpoint Security AND Elastic Endgame Security
Timeline
PublishedJan 26

Description

An issue was discovered in the quarantine feature of Elastic Endpoint Security and Elastic Endgame for Windows, which could allow unprivileged users to elevate their privileges to those of the LocalSystem account.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages3 packages

CVEListV5elastic/elastic_endpoint_security_and_elastic_endgame_securityElastic Security versions up to 7.17.6 and 8.3.3 and Elastic Endgame versions up to 3.62.2
NVDelastic/endpoint_security8.0.08.4.0+1
NVDelastic/endgame3.62.2

🔴Vulnerability Details

2
GHSA
GHSA-q5g9-qj36-xxm3: An issue was discovered in the quarantine feature of Elastic Endpoint Security and Elastic Endgame for Windows, which could allow unprivileged users t2023-01-26
CVEList
CVE-2022-38774: An issue was discovered in the quarantine feature of Elastic Endpoint Security and Elastic Endgame for Windows, which could allow unprivileged users t2023-01-24
CVE-2022-38774 — Improper Privilege Management | cvebase