Home / Security updates / Disclosure of CVE-2024-52926
Disclosure of CVE-2024-52926
Security updates detail rendered from /security-updates/upd_2063ffc7448d9dbb.
Overview
| ID | upd_2063ffc7448d9dbb |
| Collection | Security Updates |
| Provider | SafeBase |
| Company | Delinea |
| URL | - |
| Counts | - |
| Updated | - |
Raw record
| Field | Value |
|---|---|
| id | upd_2063ffc7448d9dbb |
| providerId | safebase |
| organizationId | org_a3ee621a755352d9 |
| trustCenterId | tc_c2a1aa0eb7eda998 |
| title | Disclosure of CVE-2024-52926 |
| message | During a customer test of Privilege Manager, a third party discovered vulnerabilities in the application -- which are now disclosed in [CVE-2024-52926](https://nvd.nist.gov/vuln/detail/CVE-2024-52926). The third party approached Delinea with their findings and in collaboration with Delinea's Development and Security staff, Delinea created a remediation plan in accordance with our responsible disclosure policy. The vulnerability existed in the Privilege Manager Agent where a non-administrative user could escalate their rights if Privilege Manager had previously elevated a process in that user’s session. Delinea patched the SaaS instance on September 28, 2024 and released a patch for the on-premises version on October 11, 2024. The time between those release dates and publishing the CVE allows for customers to upgrade before going live with the disclosure. If operators of this software have not yet installed version [12.0.2153](https://docs.delinea.com/online-help/privilege-manag |
| url | - |
| publishedAt | 2024-11-18 |
| source | {
"field": "statuspage/public/compliance-update",
"category": "vulnerabilities"
} |
| company | {
"id": "org_a3ee621a755352d9",
"name": "Delinea",
"domains": [
"trust.delinea.com",
"delinea.com"
]
} |
| trust_center | {
"id": "tc_c2a1aa0eb7eda998",
"name": "Delinea",
"url": "https://trust.delinea.com",
"host": "trust.delinea.com"
} |
| provider | {
"id": "safebase",
"name": "SafeBase"
} |
| links | {
"self": "/v1/security-updates/upd_2063ffc7448d9dbb",
"company": "/v1/companies/org_a3ee621a755352d9",
"trust_center": "/v1/trust-centers/tc_c2a1aa0eb7eda998",
"provider": "/v1/providers/safebase"
} |
Get this page with API
Rendered from the bluedoor Trust Centers API. Reproduce it:
GET https://api.bluedoor.sh/trust-centers/v1/security-updates/upd_2063ffc7448d9dbbJSON