Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2024-36068

An incorrect access control vulnerability in Rubrik CDM versions prior to 9.1.2-p1, 9.0.3-p6 and 8.1.3-p12, allows an attacker with network access to execute arbitrary code.

Published

2024-08-27T18:15:14.427

Last Modified

2024-09-05T20:27:19.640

Status

Analyzed

Source

[email protected]

Severity

CVSSv3.1: 9.8 (CRITICAL)

Weaknesses

Type: Primary
NVD-CWE-Other
Type: Secondary
CWE-284

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	rubrik	cloud_data_management	< 8.1.3	Yes
Application	rubrik	cloud_data_management	< 9.0.3	Yes
Application	rubrik	cloud_data_management	< 9.1.2	Yes
Application	rubrik	cloud_data_management	8.1.3	Yes
Application	rubrik	cloud_data_management	8.1.3	Yes
Application	rubrik	cloud_data_management	8.1.3	Yes
Application	rubrik	cloud_data_management	8.1.3	Yes
Application	rubrik	cloud_data_management	8.1.3	Yes
Application	rubrik	cloud_data_management	8.1.3	Yes
Application	rubrik	cloud_data_management	9.0.3	Yes
Application	rubrik	cloud_data_management	9.1.2	Yes

References

https://www.rubrik.com/advisories/rbk-20240619-v0044 Vendor Advisory ([email protected])
https://www.rubrik.com/products/cloud-data-management Product ([email protected])