Vulnerabilities > CVE-2024-1591 - Unspecified vulnerability in Beyondtrust Privilege Management for Windows

CVSS 3.3 - LOW

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

LOW

Integrity impact

NONE

Availability impact

NONE

local

low complexity

beyondtrust

NVD

Published: 2024-02-16

Updated: 2025-02-07

Summary

Prior to version 24.1, a local authenticated attacker can view Sysvol when Privilege Management for Windows is configured to use a GPO policy. This allows them to view the policy and potentially find configuration issues.

Vulnerable Configurations

Part	Description	Count
Application	Beyondtrust Beyondtrust Privilege Management FOR Windows - Beyondtrust Privilege Management FOR Windows 4.3 Beyondtrust Privilege Management FOR Windows 4.4 Beyondtrust Privilege Management FOR Windows 5.0 Beyondtrust Privilege Management FOR Windows 5.1 Beyondtrust Privilege Management FOR Windows 5.2.21 Beyondtrust Privilege Management FOR Windows 5.2.28 Beyondtrust Privilege Management FOR Windows 5.3.216 Beyondtrust Privilege Management FOR Windows 5.3.219 Beyondtrust Privilege Management FOR Windows 5.3.229 Beyondtrust Privilege Management FOR Windows 5.3.230 Beyondtrust Privilege Management FOR Windows 5.4 Beyondtrust Privilege Management FOR Windows 5.5 Beyondtrust Privilege Management FOR Windows 5.5.144 Beyondtrust Privilege Management FOR Windows 5.6 Beyondtrust Privilege Management FOR Windows 5.7 Beyondtrust Privilege Management FOR Windows 22.3	27

Summary

Vulnerable Configurations

References