CVE-2022-38777Improper Privilege Management in Endgame

CWE-269Improper Privilege Management3 documents3 sources
Severity
7.8HIGHNVD
EPSS
0.0%
top 94.49%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
Elastic EndgameElastic Endpoint SecurityElastic Endpoint Security
Timeline
PublishedFeb 8

Description

An issue was discovered in the rollback feature of Elastic Endpoint Security for Windows, which could allow unprivileged users to elevate their privileges to those of the LocalSystem account.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages3 packages

NVDelastic/endpoint_security8.0.08.5.0+1
CVEListV5elastic/elastic_endpoint_securityElastic Security versions up to 7.17.8 and 8.4.3 and Elastic Endgame versions up to 3.62.2
NVDelastic/endgame< 3.62.3

🔴Vulnerability Details

2
GHSA
GHSA-x4cg-qw8v-hq66: An issue was discovered in the rollback feature of Elastic Endpoint Security for Windows, which could allow unprivileged users to elevate their privil2023-02-08
CVEList
CVE-2022-38777: An issue was discovered in the rollback feature of Elastic Endpoint Security for Windows, which could allow unprivileged users to elevate their privil2023-02-08
CVE-2022-38777 — Improper Privilege Management | cvebase