CVE-2024-1591

{"id": "CVE-2024-1591", "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "13061848-ea10-403d-bd75-c83a022c2891", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 3.3, "attackVector": "LOCAL", "baseSeverity": "LOW", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "LOW"}, "impactScore": 1.4, "exploitabilityScore": 1.8}]}, "published": "2024-02-16T19:15:08.207", "references": [{"url": "https://www.beyondtrust.com/trust-center/security-advisories/bt24-02", "source": "13061848-ea10-403d-bd75-c83a022c2891"}], "vulnStatus": "Awaiting Analysis", "weaknesses": [{"type": "Secondary", "source": "13061848-ea10-403d-bd75-c83a022c2891", "description": [{"lang": "en", "value": "CWE-200"}]}], "descriptions": [{"lang": "en", "value": "Prior to version 24.1, a local authenticated attacker can view Sysvol when Privilege Management for Windows is configured to use a GPO policy. This allows them to view the policy and potentially find configuration issues."}, {"lang": "es", "value": "Antes de la versi\u00f3n 24.1, un atacante autenticado local puede ver Sysvol cuando Privilege Management para Windows est\u00e1 configurado para usar una pol\u00edtica de GPO. Esto les permite ver la pol\u00edtica y potencialmente encontrar problemas de configuraci\u00f3n."}], "lastModified": "2024-02-16T19:26:55.393", "sourceIdentifier": "13061848-ea10-403d-bd75-c83a022c2891"}