How severe is CVE-2024-4877?

This vulnerability has a severity rating of HIGH with a CVSS score of 8.8 out of 10.

What type of vulnerability is CVE-2024-4877?

This is classified as CWE-268, which is a common weakness in software security.

CVE-2024-4877

HIGH Year: 2024

CVSS v3 Score

8.8

High

Weakness Type

CWE-268

View all →

Vulnerability Description

OpenVPN version 2.4.0 through 2.6.10 on Windows allows an external, lesser privileged process to create a named pipe which the OpenVPN GUI component would connect to allowing it to escalate its privileges

CVE-2023-0971

HIGH

CVSS:8.8(High)

A logic error in SiLabs Z/IP Gateway SDK 7.18.02 and earlier allows authentication to be bypassed, remote administration of Z-Wave controllers, and S0/S2 encryption keys to be recovered.

CWE-2682023

CVE-2023-5839

HIGH

CVSS:8.8(High)

Privilege Chaining in GitHub repository hestiacp/hestiacp prior to 1.8.9.

CWE-2682023

CVE-2024-1299

HIGH

CVSS:8.1(High)

A privilege escalation vulnerability was discovered in GitLab affecting versions 16.8 prior to 16.8.4 and 16.9 prior to 16.9.2. It was possible for a user with custom role of `manage_group_access_toke...

CWE-2682024

CVE-2024-47045

HIGH

CVSS:7.8(High)

Privilege chaining issue exists in the installer of e-Tax software(common program). If this vulnerability is exploited, a malicious DLL prepared by an attacker may be executed with higher privileges t...

CWE-2682024

CVE-2023-0971

HIGH

CVSS:8.8(High)

A logic error in SiLabs Z/IP Gateway SDK 7.18.02 and earlier allows authentication to be bypassed, remote administration of Z-Wave controllers, and S0/S2 encryption keys to be recovered.

CWE-2682023

CVE-2023-5839

HIGH

CVSS:8.8(High)

Privilege Chaining in GitHub repository hestiacp/hestiacp prior to 1.8.9.

CWE-2682023

CVE-2024-4877

Vulnerability Description

Related Vulnerabilities

CVE-2023-0971

CVE-2023-5839

CVE-2024-1299

CVE-2024-47045

CVE-2023-0971

CVE-2023-5839