CVE-2024-55580: Code Injection

Q: What is the severity of CVE-2024-55580?

CVE-2024-55580 has high severity due to the potential for unprivileged users to execute remote commands.

Q: How do I fix CVE-2024-55580?

To fix CVE-2024-55580, update Qlik Sense Enterprise for Windows to the November 2024 IR release.

Q: Who is affected by CVE-2024-55580?

Unprivileged users with network access to Qlik Sense Enterprise for Windows versions prior to November 2024 IR are affected by CVE-2024-55580.

Q: What risks are associated with CVE-2024-55580?

CVE-2024-55580 poses risks to high availability, integrity, and confidentiality of the affected system.

Q: When was CVE-2024-55580 disclosed?

CVE-2024-55580 was disclosed prior to the release of the November 2024 IR for Qlik Sense Enterprise for Windows.

Published Dec 9, 2024

Updated

An issue was discovered in Qlik Sense Enterprise for Windows before November 2024 IR. Unprivileged users with network access may be able to execute remote commands that could cause high availability damages, including high integrity and confidentiality risks. This is fixed in November 2024 IR, May 2024 Patch 10, February 2024 Patch 14, November 2023 Patch 16, August 2023 Patch 16, May 2023 Patch 18, and February 2023 Patch 15.

Affected Software

1 affected component

Qlik Sense Enterprise for Windows<November 2024 IR

Event History

Dec 9, 2024

CVE Published

via MITRE·12:00 AM

Data Sourced

via MITRE·12:00 AM

DescriptionSeverity

Data Sourced

via NVD·03:15 AM

DescriptionSeverityWeakness

Frequently Asked Questions

What is the severity of CVE-2024-55580?

CVE-2024-55580 has high severity due to the potential for unprivileged users to execute remote commands.

How do I fix CVE-2024-55580?

To fix CVE-2024-55580, update Qlik Sense Enterprise for Windows to the November 2024 IR release.

Who is affected by CVE-2024-55580?

Unprivileged users with network access to Qlik Sense Enterprise for Windows versions prior to November 2024 IR are affected by CVE-2024-55580.

What risks are associated with CVE-2024-55580?

CVE-2024-55580 poses risks to high availability, integrity, and confidentiality of the affected system.

When was CVE-2024-55580 disclosed?

CVE-2024-55580 was disclosed prior to the release of the November 2024 IR for Qlik Sense Enterprise for Windows.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.