What is CVE-2024-2007?

CVE-2024-2007 is a medium-severity vulnerability in Openbmb Xagent, classified under CWE-265. CVSS score: 5.3/10. Published 2024-02-29.

How severe is CVE-2024-2007?

Medium severity. CVSS v3 base score is 5.3 out of 10.

Vulnerability in Openbmb Xagent

CVE-2024-2007

A vulnerability was found in OpenBMB XAgent 1.0.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component Privileged Mode. The manipulation leads to sandbox issue. The attack needs to…

EPSS: 0.001 (25.1th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 5.3 (Medium). Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L.

Affected products

Openbmb Xagent — versions 1.0.0

Weakness classification (CWE)

CWE-265

References

VDB-255265 | OpenBMB XAgent Privileged Mode sandbox (vdb-entry)
VDB-255265 | CTI Indicators (IOB, IOC, TTP) (signature, permissions-required)
github.com/OpenBMB/XAgent/issues/386 (exploit, issue-tracking)

Frequently asked questions

What is CVE-2024-2007?: CVE-2024-2007 is a medium-severity vulnerability in Openbmb Xagent, classified under CWE-265. CVSS score: 5.3/10. Published 2024-02-29.
How severe is CVE-2024-2007?: Medium severity. CVSS v3 base score is 5.3 out of 10.