Privilege Manager
by Quest
CVEs (4)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2017-6553 | Cri | 0.70 | 9.8 | 0.42 | Apr 29, 2017 | Buffer Overflow in Quest One Identity Privilege Manager for Unix before 6.0.0.061 allows remote attackers to obtain full access to the policy server via an ACT_ALERT_EVENT request that causes memory corruption in the pmmasterd daemon. | ||
| CVE-2017-6554 | Hig | 0.51 | 7.2 | 0.16 | Apr 14, 2017 | pmmasterd in Quest Privilege Manager before 6.0.0.061, when configured as a policy server, allows remote attackers to write to arbitrary files and consequently execute arbitrary code with root privileges via an ACT_NEWFILESENT action. | ||
| CVE-2024-39708 | Hig | 0.46 | 7.0 | 0.00 | Jun 28, 2024 | An issue was discovered in the Agent in Delinea Privilege Manager (formerly Thycotic Privilege Manager) before 12.0.1096 on Windows. Sometimes, a non-administrator user can copy a crafted DLL file to a temporary directory (used by .NET Shadow Copies) such that privilege… | ||
| CVE-2024-52926 | Med | 0.42 | 6.5 | 0.00 | Nov 18, 2024 | Delinea Privilege Manager before 12.0.2 mishandles the security of the Windows agent. |
- risk 0.70cvss 9.8epss 0.42
Buffer Overflow in Quest One Identity Privilege Manager for Unix before 6.0.0.061 allows remote attackers to obtain full access to the policy server via an ACT_ALERT_EVENT request that causes memory corruption in the pmmasterd daemon.
- risk 0.51cvss 7.2epss 0.16
pmmasterd in Quest Privilege Manager before 6.0.0.061, when configured as a policy server, allows remote attackers to write to arbitrary files and consequently execute arbitrary code with root privileges via an ACT_NEWFILESENT action.
- risk 0.46cvss 7.0epss 0.00
An issue was discovered in the Agent in Delinea Privilege Manager (formerly Thycotic Privilege Manager) before 12.0.1096 on Windows. Sometimes, a non-administrator user can copy a crafted DLL file to a temporary directory (used by .NET Shadow Copies) such that privilege…
- risk 0.42cvss 6.5epss 0.00
Delinea Privilege Manager before 12.0.2 mishandles the security of the Windows agent.