How severe is CVE-2024-36041?

This vulnerability has a severity rating of HIGH with a CVSS score of 7.3 out of 10.

What type of vulnerability is CVE-2024-36041?

This is classified as CWE-613, which is a common weakness in software security.

CVE-2024-36041 - HIGH Severity | CVSS 7.3

Vulnerability Description

KSmserver in KDE Plasma Workspace (aka plasma-workspace) before 5.27.11.1 and 6.x before 6.0.5.1 allows connections via ICE based purely on the host, i.e., all local connections are accepted. This allows another user on the same machine to gain access to the session manager, e.g., use the session-restore feature to execute arbitrary code as the victim (on the next boot) via earlier use of the /tmp directory.

Related Vulnerabilities

CVE-2017-6145

HIGH

CVSS:7.3(High)

iControl REST in F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Link Controller, PEM, and WebSafe 12.0.0 through 12.1.2 and 13.0.0 includes a service to convert authorization BIGIPAuthCookie cooki...

CWE-6132017

CVE-2019-9269

HIGH

CVSS:7.3(High)

In System Settings, there is a possible permissions bypass due to a cached Linux user ID. This could lead to a local permissions bypass with no additional execution privileges needed. User interaction...

CWE-6132019

CVE-2023-38489

HIGH

CVSS:7.3(High)

Kirby is a content management system. A vulnerability in versions prior to 3.5.8.3, 3.6.6.3, 3.7.5.2, 3.8.4.1, and 3.9.6 affects all Kirby sites with user accounts (unless Kirby's API and Panel are di...

CWE-6132023

CVE-2025-22386

HIGH

CVSS:7.3(High)

An issue was discovered in Optimizely Configured Commerce before 5.2.2408. A medium-severity session issue exists in the Commerce B2B application, affecting the longevity of active sessions in the sto...

CWE-6132025

CVE-2020-13302

HIGH

CVSS:7.2(High)

A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4. Under certain conditions GitLab was not properly revoking user sessions and allowed a malicious user to access a us...

CWE-6132020

CVE-2022-31050

HIGH

CVSS:7.2(High)

TYPO3 is an open source web content management system. Prior to versions 9.5.34 ELTS, 10.4.29, and 11.5.11, Admin Tool sessions initiated via the TYPO3 backend user interface had not been revoked even...

CWE-6132022