CVE-2024-24722

An unquoted service path vulnerability in the 12d Synergy Server and File Replication Server components may allow an attacker to gain elevated privileges via the 12d Synergy Server and/or 12d Synergy File Replication Server executable service path. This is fixed in 4.3.10.192, 5.1.5.221, and 5.1.6.235.

CVSS

No CVSS.

References

Link	Resource
https://files.12dsynergy.com/downloads/download.aspx	Product
https://files.12dsynergy.com/downloads/download.aspx	Product
https://help.12dsynergy.com/v1/docs/cve-2024-24722	Vendor Advisory
https://help.12dsynergy.com/v1/docs/cve-2024-24722	Vendor Advisory
https://www.12dsynergy.com/security-statement/	Product
https://www.12dsynergy.com/security-statement/	Product

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:12dsynergy:file_replication_server::::::::
	cpe:2.3:a:12dsynergy:12dsynergy::::::::
	cpe:2.3:a:12dsynergy:12dsynergy::::::::
	cpe:2.3:a:12dsynergy:file_replication_server::::::::
	cpe:2.3:a:12dsynergy:12dsynergy::::::::
	cpe:2.3:a:12dsynergy:file_replication_server::::::::

History

02 Apr 2025, 20:07

Type	Values Removed	Values Added
References	~~() https://www.12dsynergy.com/security-statement/ -~~	() https://www.12dsynergy.com/security-statement/ - Product
References	~~() https://help.12dsynergy.com/v1/docs/cve-2024-24722 -~~	() https://help.12dsynergy.com/v1/docs/cve-2024-24722 - Vendor Advisory
References	~~() https://files.12dsynergy.com/downloads/download.aspx -~~	() https://files.12dsynergy.com/downloads/download.aspx - Product
CPE		cpe:2.3:a:12dsynergy:file_replication_server:::::::: cpe:2.3:a:12dsynergy:12dsynergy::::::::
First Time		12dsynergy 12dsynergy file Replication Server 12dsynergy 12dsynergy

19 Feb 2024, 06:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2024-02-19 06:15

Updated : 2025-04-02 20:07

NVD link : CVE-2024-24722

Mitre link : CVE-2024-24722

JSON object : View

Products Affected

12dsynergy

12dsynergy
file_replication_server

CWE

No CWE.

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "https://files.12dsynergy.com/downloads/download.aspx", "name": "https://files.12dsynergy.com/downloads/download.aspx", "tags": ["Product"], "refsource": ""}, {"url": "https://files.12dsynergy.com/downloads/download.aspx", "name": "https://files.12dsynergy.com/downloads/download.aspx", "tags": ["Product"], "refsource": ""}, {"url": "https://help.12dsynergy.com/v1/docs/cve-2024-24722", "name": "https://help.12dsynergy.com/v1/docs/cve-2024-24722", "tags": ["Vendor Advisory"], "refsource": ""}, {"url": "https://help.12dsynergy.com/v1/docs/cve-2024-24722", "name": "https://help.12dsynergy.com/v1/docs/cve-2024-24722", "tags": ["Vendor Advisory"], "refsource": ""}, {"url": "https://www.12dsynergy.com/security-statement/", "name": "https://www.12dsynergy.com/security-statement/", "tags": ["Product"], "refsource": ""}, {"url": "https://www.12dsynergy.com/security-statement/", "name": "https://www.12dsynergy.com/security-statement/", "tags": ["Product"], "refsource": ""}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "An unquoted service path vulnerability in the 12d Synergy Server and File Replication Server components may allow an attacker to gain elevated privileges via the 12d Synergy Server and/or 12d Synergy File Replication Server executable service path. This is fixed in 4.3.10.192, 5.1.5.221, and 5.1.6.235."}]}, "problemtype": {"problemtype_data": [{"description": []}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2024-24722", "ASSIGNER": "cve@mitre.org"}}, "impact": {}, "publishedDate": "2024-02-19T06:15Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:12dsynergy:file_replication_server:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "5.1.5.221", "versionStartIncluding": "5.1.1.58"}, {"cpe23Uri": "cpe:2.3:a:12dsynergy:12dsynergy:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "5.1.5.221", "versionStartIncluding": "5.1.1.58"}, {"cpe23Uri": "cpe:2.3:a:12dsynergy:12dsynergy:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "5.1.6.235", "versionStartIncluding": "5.1.6.210"}, {"cpe23Uri": "cpe:2.3:a:12dsynergy:file_replication_server:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "5.1.6.235", "versionStartIncluding": "5.1.6.210"}, {"cpe23Uri": "cpe:2.3:a:12dsynergy:12dsynergy:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "4.3.10.192"}, {"cpe23Uri": "cpe:2.3:a:12dsynergy:file_replication_server:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "4.3.10.192"}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2025-04-02T20:07Z"}