QwikSec

Security Database

CVE

CWE

Training

CVE-2024-7265

Published: Aug 7, 2024

Modified: Mar 17, 2025

PUBLISHED

Description

Incorrect User Management vulnerability in Naukowa i Akademicka Sieć Komputerowa - Państwowy Instytut Badawczy EZD RP allows logged-in user to change the password of any user, including root user, which could lead to privilege escalation. This issue affects EZD RP: from 15 before 15.84, from 16 before 16.15, from 17 before 17.2.

Vendor	Product	Versions
Naukowa i Akademicka Sieć Komputerowa - Państwowy Instytut Badawczy	EZD RP	affected `15 - < 15.84` affected `16 - < 16.15` affected `17 - < 17.2`

Weaknesses (CWE)

References

https://cert.pl/en/posts/2024/08/CVE-2024-7265/

third-party-advisory

https://cert.pl/posts/2024/08/CVE-2024-7265/

third-party-advisory

https://www.gov.pl/web/ezd-rp

product

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.