In Telerik JustDecompile versions prior to 2024 R1, a privilege elevation vulnerability has been identified in the applications installer component. In an environment where an existing Telerik JustDecompile install is present, a lower privileged user has the ability to manipulate the installation package to elevate their privileges on the underlying operating system.
References
Link | Resource |
---|---|
https://docs.telerik.com/devtools/justdecompile/knowledge-base/legacy-installer-vulnerability | Vendor Advisory |
https://www.telerik.com/products/decompiler.aspx | Product |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: ProgressSoftware
Published: 2024-01-31T15:11:21.337Z
Updated: 2024-01-31T16:47:14.050Z
Reserved: 2024-01-03T15:32:48.849Z
Link: CVE-2024-0219
JSON object: View
NVD Information
Status : Analyzed
Published: 2024-01-31T16:15:45.290
Modified: 2024-02-09T17:15:31.870
Link: CVE-2024-0219
JSON object: View
Redhat Information
No data.