CVE-2024-4395

June 27, 2024, 10:15 p.m.

None
No Score

Description

The XPC service within the audit functionality of Jamf Compliance Editor before version 1.3.1 on macOS can lead to local privilege escalation.

Product(s) Impacted

Product Versions
Jamf Compliance Editor
  • ['before 1.3.1']

Weaknesses

Common security weaknesses mapped to this vulnerability.

References

https://github.com/Jamf-Concepts/jamf-compliance-editor/raw/v1.3.1/Jamf%20Compliance%20Editor%20-%20User%20Guide.pdf
https://github.com/Jamf-Concepts/jamf-compliance-editor/releases/download/v1.3.1/JamfComplianceEditor.v1.3.1.pkg
https://khronokernel.com/macos/2024/05/01/CVE-2024-4395.html
https://trusted.jamf.com/docs/establishing-compliance-baselines#support

Tags

2024-06-27
CVE-2024-4395
67325c3f-c596-46c5-a235-e1a1e73abe4e

Timeline

Published: June 27, 2024, 10:15 p.m.
Last Modified: June 27, 2024, 10:15 p.m.

Status : Received

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

67325c3f-c596-46c5-a235-e1a1e73abe4e

*Disclaimer: Some vulnerabilities do not have an associated CPE. To enhance the data, we use AI to infer CPEs based on CVE details. This is an automated process and might not always be accurate.