CVE-2024-36068

Published: Aug 27, 2024Modified: Sep 5, 2024

9.8

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Exploitability: 3.9 / Impact: 5.9

Source: NVD

Description

An incorrect access control vulnerability in Rubrik CDM versions prior to 9.1.2-p1, 9.0.3-p6 and 8.1.3-p12, allows an attacker with network access to execute arbitrary code.

Affected (11)

Products: Rubrik: Cloud Data Management

Rubrik

1 product

Cloud Data Management

Configuration A

11 vulnerable

Vulnerable Software	Affected Versions
Rubrik Cloud Data Management	Before 8.1.3
Rubrik Cloud Data Management	From 9.0.0 to 9.0.3
Rubrik Cloud Data Management	From 9.1.0 to 9.1.2
Rubrik Cloud Data Management	Version 8.1.3
Rubrik Cloud Data Management	Version 8.1.3 p1
Rubrik Cloud Data Management	Version 8.1.3 p2
Rubrik Cloud Data Management	Version 8.1.3 p3
Rubrik Cloud Data Management	Version 8.1.3 p4
Rubrik Cloud Data Management	Version 8.1.3 p5
Rubrik Cloud Data Management	Version 9.0.3
Rubrik Cloud Data Management	Version 9.1.2

Related CWEs

CWE-284

Improper Access Control

The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.

References (2)

https://www.rubrik.com/advisories/rbk-20240619-v0044

Source: cve@mitre.org

Vendor Advisory

https://www.rubrik.com/products/cloud-data-management

Source: cve@mitre.org

Product

Timeline

No history available yet.