PCP Vulnerability: High-Level Privileges for Compromised System Accounts
CVE-2024-45770

4.4MEDIUM

Key Information:

Vendor

Performance Co-Pilot

Status
Red Hat Enterprise Linux 8
Red Hat Enterprise Linux 8.2 Advanced Update Support
Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support
Vendor
CVE Published:
19 September 2024

What is CVE-2024-45770?

A vulnerability has been identified in the Performance Co-Pilot (PCP) system that can lead to privilege escalation. This issue arises due to the pmpost tool, which is responsible for logging system messages. Under specific conditions, this tool operates with elevated privileges, making it susceptible to exploitation. If an attacker manages to gain access to a compromised PCP system account, they can potentially exploit this flaw to gain unauthorized access to sensitive system functionalities, thereby increasing the impact of the breach. Organizations using affected versions of PCP should assess their risk posture and implement the recommended security measures.

References

https://access.redhat.com/errata/RHSA-2024:6837
vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:6840
vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:6842
vendor-advisoryx_refsource_REDHAT

CVSS V3.1

Score:
4.4
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.