Azure Identity Libraries and Microsoft Authentication Library Elevation of Privilege Vulnerability
registry.redhat.io/cert-manager/jetstack-cert Rocky
Fixed in: manager-rhel9@sha256:30d0113003152532d29a845550a78454a1f88099e90b475711ab74901560c67e_s390x RHSA-2025:0536 Fixed in: manager-rhel9@sha256:df96fa00709d2ff36b7b9d7977eb18aad4c3b3c93862e5babbfa76001353a3e8_ppc64le RHSA-2025:0536 Fixed in: manager-rhel9@sha256:68286a86b7926a3ec88dc375a59a95716d8d3addea06ee7f88005fcd244b05a6_arm64 RHSA-2025:0536 Fixed in: manager-rhel9@sha256:a1da35635852cc7e5d73bde8bbec209e5b55cfae7c421817a2b4bc7e454900c0_amd64 RHSA-2025:0536 registry.redhat.io/cert-manager/jetstack-cert Red Hat / RHEL
Fixed in: manager-rhel9@sha256:a1da35635852cc7e5d73bde8bbec209e5b55cfae7c421817a2b4bc7e454900c0_amd64 RHSA-2025:0536 Fixed in: manager-rhel9@sha256:30d0113003152532d29a845550a78454a1f88099e90b475711ab74901560c67e_s390x RHSA-2025:0536 Fixed in: manager-rhel9@sha256:df96fa00709d2ff36b7b9d7977eb18aad4c3b3c93862e5babbfa76001353a3e8_ppc64le RHSA-2025:0536 Fixed in: manager-rhel9@sha256:68286a86b7926a3ec88dc375a59a95716d8d3addea06ee7f88005fcd244b05a6_arm64 RHSA-2025:0536 registry.redhat.io/cert-manager/jetstack-cert-manager Rocky
Fixed in: acmesolver-rhel9@sha256:49940e94193b06df5f5ff454aeb38a8b9a44e99b02d54600cb2442f81ff6dc25_amd64 RHSA-2025:0536 Fixed in: acmesolver-rhel9@sha256:2e4eae54c75591d3dacd8165159397a63d6f695a1f733d12623652705ad40173_s390x RHSA-2025:0536 Fixed in: acmesolver-rhel9@sha256:4986a8ad37ed49652058e4acf30233649459f5e3c4b2bad9de5b9a4df6dfa531_ppc64le RHSA-2025:0536 Fixed in: acmesolver-rhel9@sha256:c1f40166786adbd77027d0dc210e8fcd0320e9f2d3b9a3df6f6ab27a46c8ade1_arm64 RHSA-2025:0536 registry.redhat.io/cert-manager/jetstack-cert-manager Red Hat / RHEL
Fixed in: acmesolver-rhel9@sha256:2e4eae54c75591d3dacd8165159397a63d6f695a1f733d12623652705ad40173_s390x RHSA-2025:0536 Fixed in: acmesolver-rhel9@sha256:c1f40166786adbd77027d0dc210e8fcd0320e9f2d3b9a3df6f6ab27a46c8ade1_arm64 RHSA-2025:0536 Fixed in: acmesolver-rhel9@sha256:4986a8ad37ed49652058e4acf30233649459f5e3c4b2bad9de5b9a4df6dfa531_ppc64le RHSA-2025:0536 Fixed in: acmesolver-rhel9@sha256:49940e94193b06df5f5ff454aeb38a8b9a44e99b02d54600cb2442f81ff6dc25_amd64 RHSA-2025:0536 rhdh/rhdh Red Hat / RHEL
Fixed in: hub-rhel9@sha256:ccc2f05dd6dacbe9b39bbe5b4774ef9d61b872fa7c26e47c0c63d260920ad436_amd64 RHBA-2024:7523 Fixed in: operator-bundle@sha256:717ddb1edb2f3ba94fa68d5310dfe2c0b4aa0a3a75747011b1cd4d6956d982e3_amd64 RHBA-2024:7523 Fixed in: rhel9-operator@sha256:4984c6cc3d35be00fa8758b2ddbb2712ad0085b557ff1bac9cc885a47bc20bf4_amd64 RHBA-2024:7523 rhdh/rhdh Rocky
Fixed in: hub-rhel9@sha256:ccc2f05dd6dacbe9b39bbe5b4774ef9d61b872fa7c26e47c0c63d260920ad436_amd64 RHBA-2024:7523 Fixed in: operator-bundle@sha256:717ddb1edb2f3ba94fa68d5310dfe2c0b4aa0a3a75747011b1cd4d6956d982e3_amd64 RHBA-2024:7523 Fixed in: rhel9-operator@sha256:4984c6cc3d35be00fa8758b2ddbb2712ad0085b557ff1bac9cc885a47bc20bf4_amd64 RHBA-2024:7523 Remediation is compiled from vendor and distribution security advisories. Always confirm against the linked source for your exact version and platform.
Exploitability
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Impact
Confidentiality High
Integrity None
Availability None
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
0.79% probability of exploitation in 30 days
52nd percentile
Moderate risk: more likely to be exploited than 52% of all known CVEs.
Other CWE-362 (Race Condition) vulnerabilities, ordered by exploit likelihood. View all
Embed a live status badge for CVE-2024-35255 Markdown
[](https://tridentstack.com/cve/CVE-2024-35255)HTML
<a href="https://tridentstack.com/cve/CVE-2024-35255"><img src="https://tridentstack.com/cve/badge/CVE-2024-35255.svg" alt="CVE-2024-35255"></a>Find and fix vulnerabilities across your fleet TridentStack Control continuously scans your Windows, macOS, and Linux fleet for known vulnerabilities, prioritizes them by severity and active exploitation, and patches them automatically.
Start free This product uses NVD data but is not endorsed or certified by the NVD. EPSS scores courtesy of FIRST.org (https://www.first.org/epss). Source: CISA KEV Catalog. Data as of 2024-11-21.