CVE-2024-52869

CVSS v3 Score: 6.0 (Medium)

Vulnerability Description

Certain Teradata account-handling code through 2024-11-04, used with SUSE Enterprise Linux Server, mismanages groups. Specifically, when the operating system is moved from SUSE Enterprise Linux Server (SLES) 12 Service Pack (SP) 2 or 3 to SLES 15 SP2 on Teradata Database systems, some service/system user accounts, and possibly user accounts created by systems administrators, are incorrectly assigned to groups that grant higher system-level privileges than intended for those accounts. Depending on how these accounts are used, this may lead to full system compromise.

CVSS: 6.0 (Medium)

IBM Spectrum Protect Plus Container Backup and Restore (10.1.5 through 10.1.10.2 for Kubernetes and 10.1.7 through 10.1.10.2 for Red Hat OpenShift) could allow a remote attacker to bypass IBM Spectrum...

CVSS: 6.0 (Medium)

Improper preservation of permissions vulnerability in Trellix Endpoint Agent (xAgent) prior to V35.31.22 on Windows allows a local user with administrator privileges to bypass the product protection t...

CVSS: 5.9 (Medium)

MetaMask before 10.11.3 might allow an attacker to access a user's secret recovery phrase because an input field is used for a BIP39 mnemonic, and Firefox and Chromium save such fields to disk in orde...

CVSS: 6.1 (Medium)

A non-admin user can change or remove important features within the Zabbix Agent application, thus impacting the integrity and availability of the application.

CVSS: 6.1 (Medium)

A bug in popup notifications' interaction with WebAuthn made it easier for an attacker to trick a user into granting permissions. This vulnerability affects Firefox < 126, Firefox ESR < 115.11, and Th...

CVSS: 6.2 (Medium)

Insecure permissions in Silicon Labs (SiLabs) Z-Wave Series 700 and 800 v7.21.1 allow attackers to arbitrarily change the device type in the controller's memory, leading to a Denial of Service (DoS).