Permissions and Access Control Vulnerability in ZXCLOUD IRAI
CVE-2024-22062

8.8HIGH

Key Information:

Vendor: Zte
Status: Zxcloud Irai
Vendor: CVE Published:; 9 July 2024

What is CVE-2024-22062?

A permissions and access control vulnerability exists in ZXCLOUD IRAI, allowing attackers to modify configurations that enable non-administrator accounts to gain administrator privileges. This weakness poses a significant risk as it can lead to unauthorized access and manipulation of sensitive data and system controls, compromising the overall integrity and security of the system.

Affected Version(s)

ZXCLOUD IRAI Linux 0

References

https://support.zte.com.cn/support/news/LoopholeInfoDetai...

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Changed

Timeline

Vulnerability published
Jul 9, 2024
Vulnerability Reserved
Jan 5, 2024

JSON

Zte

What is CVE-2024-22062?

Affected Version(s)

References

CVSS V3.1

Timeline