CVE-2024-30170
Published Aug 6, 2024
·Updated
PrivX before 34.0 allows data exfiltration and denial of service via the REST API. This is fixed in minor versions 33.1, 32.3, 31.3, and later, and in major version 34.0 and later,
Affected Software
3 affected components
SSH Privx>=22.0<31.3
SSH Privx>=32.0<32.3
SSH Privx=33.0
Event History
Aug 6, 2024
CVE Published
via MITRE·12:00 AM
Data Sourced
via MITRE·12:00 AM
Description
Frequently Asked Questions
1
What is the severity of CVE-2024-30170?
CVE-2024-30170 is considered a high severity vulnerability due to the potential for data exfiltration and denial of service.
2
How do I fix CVE-2024-30170?
To fix CVE-2024-30170, upgrade to PrivX minor versions 33.1, 32.3, 31.3, or later, or to major version 34.0 or later.
3
Which versions of PrivX are affected by CVE-2024-30170?
PrivX versions prior to 31.3, 32.3, and 33.0 are affected by CVE-2024-30170.
4
What types of issues can CVE-2024-30170 cause?
CVE-2024-30170 can lead to unauthorized data access and denial of service through the REST API.
5
Is there a workaround for CVE-2024-30170?
There are no known workarounds for CVE-2024-30170, so upgrading to a safe version is necessary.