CVE Vulnerabilities

CVE-2024-57726

Published: Jan 15, 2025 | Modified: Jan 22, 2025
CVSS 3.x
9.9
CRITICAL
Source:
NVD
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
CVSS 2.x
RedHat/V2
RedHat/V3
Ubuntu

SimpleHelp remote support software v5.5.7 and before has a vulnerability that allows low-privileges technicians to create API keys with excessive permissions. These API keys can be used to escalate privileges to the server admin role.

Affected Software

Name Vendor Start Version End Version
Simplehelp Simple-help * 5.5.8 (excluding)

References