Published on: Not Yet Published
Last Modified on: 02/03/2023 06:21:00 PM UTC
CVE-2022-38774Source: Mitre Source: NIST CVE.ORG Print: PDF
Certain versions of Endgame from Elastic contain the following vulnerability:
An issue was discovered in the quarantine feature of Elastic Endpoint Security and Elastic Endgame for Windows, which could allow unprivileged users to elevate their privileges to those of the LocalSystem account.
- CVE-2022-38774 has been assigned by [email protected] to track the vulnerability - currently rated as HIGH severity.
- Affected Vendor/Software: Elastic - Elastic Endpoint Security and Elastic Endgame Security version Elastic Security versions up to 7.17.6 and 8.3.3 and Elastic Endgame versions up to 3.62.2
CVSS3 Score: 7.8 - HIGH
|Endpoint Security 8.4.0/7.17.7 and Endgame 3.62.3 Security Statement - Security Announcements - Discuss the Elastic Stack|| discuss.elastic.co |
|Security issues | Elastic|| www.elastic.co |
There are currently no QIDs associated with this CVE
Known Affected Configurations (CPE V2.3)
No vendor comments have been submitted for this CVE
|@autumn_good_35||『allow unprivileged users to elevate their privileges to those of the LocalSystem account.』 CVE-2022-38774 Endpoin… twitter.com/i/web/status/1…||2023-01-24 15:25:56|
|@Robo_Alerts||Potentially Critical CVE Detected! CVE-2022-38774 An issue was discovered in the quarantine feature of Elastic Endp… twitter.com/i/web/status/1…||2023-01-24 16:55:56|
|@CVEreport||CVE-2022-38774 : An issue was discovered in the quarantine feature of Elastic Endpoint Security and Elastic Endgame… twitter.com/i/web/status/1…||2023-01-26 21:40:43|