Insufficient Verification of Data Authenticity Vulnerability Could Lead to Root Access
CVE-2024-47254

6.3MEDIUM

Key Information:

Vendor: 2n
Status: 2n Access Commander
Vendor: CVE Published:; 5 November 2024

What is CVE-2024-47254?

In 2N Access Commander versions prior to 3.1.1.2, a vulnerability exists that compromises the verification process of data authenticity. This weakness may enable an attacker to exploit the system, potentially leading to unauthorized privilege escalation. If successfully executed, this could result in the attacker gaining root access, which allows for full control over the system. Organizations using affected versions are urged to review their security protocols and update to mitigate risks associated with this vulnerability.

Affected Version(s)

2N Access Commander <=3.1.1.2

References

https://www.2n.com/en-GB/download/Access-Commander-Securi...

CVSS V3.1

Score:

6.3

Severity:

MEDIUM

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Adjacent Network

Attack Complexity:

High

Privileges Required:

High

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 5, 2024
Vulnerability Reserved
Sep 23, 2024