{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-07T14:34:40.777","vulnerabilities":[{"cve":{"id":"CVE-2024-7265","sourceIdentifier":"cvd@cert.pl","published":"2024-08-07T11:15:45.757","lastModified":"2025-03-17T09:15:11.963","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Incorrect User Management vulnerability in Naukowa i Akademicka Sieć Komputerowa - Państwowy Instytut Badawczy EZD RP allows logged-in user to change the password of any user, including root user, which could lead to privilege escalation. This issue affects EZD RP: from 15 before 15.84, from 16 before 16.15, from 17 before 17.2."},{"lang":"es","value":"La vulnerabilidad de administración incorrecta de usuarios en Naukowa i Akademicka Sie? Komputerowa - Pa?stwowy Instytut Badawczy EZD RP permite que un usuario conectado cambie la contraseña de cualquier usuario, incluido el usuario root, lo que podría provocar una escalada de privilegios. Este problema afecta a EZD RP: desde la versión 15 hasta la 15.84, desde la versión 16 hasta la 16.15, desde la versión 17 hasta la 17.2."}],"metrics":{"cvssMetricV40":[{"source":"cvd@cert.pl","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:U/V:D/RE:L/U:Amber","baseScore":8.7,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"LOW","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"HIGH","vulnAvailabilityImpact":"HIGH","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"USER","valueDensity":"DIFFUSE","vulnerabilityResponseEffort":"LOW","providerUrgency":"AMBER"}}],"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}]},"weaknesses":[{"source":"cvd@cert.pl","type":"Secondary","description":[{"lang":"en","value":"CWE-863"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-863"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:nask:ezd_rp:*:*:*:*:*:*:*:*","versionStartIncluding":"15","versionEndExcluding":"15.84","matchCriteriaId":"B43D39E4-75AE-42D6-B206-A70B3CB9B538"},{"vulnerable":true,"criteria":"cpe:2.3:a:nask:ezd_rp:*:*:*:*:*:*:*:*","versionStartIncluding":"16","versionEndExcluding":"16.15","matchCriteriaId":"0C255177-BEAE-4B88-869C-57EBD3466ADD"},{"vulnerable":true,"criteria":"cpe:2.3:a:nask:ezd_rp:*:*:*:*:*:*:*:*","versionStartIncluding":"17","versionEndExcluding":"17.2","matchCriteriaId":"50DE01F5-72FE-4ECC-B117-3B4D5E15901C"}]}]}],"references":[{"url":"https://cert.pl/en/posts/2024/08/CVE-2024-7265/","source":"cvd@cert.pl"},{"url":"https://cert.pl/posts/2024/08/CVE-2024-7265/","source":"cvd@cert.pl"},{"url":"https://www.gov.pl/web/ezd-rp","source":"cvd@cert.pl","tags":["Product"]}]}}]}