CVE-2024-55579

Name: CVE-2024-55579
Creator: NVD / NIST
Published: 2024-12-09T03:15:05.197+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

HIGHCVSS 8.8/10EPSS 0.48%

Last modified Jun 17, 2026

CVE-2024-55579 is a high-severity vulnerability rated 8.8/10 on the CVSS scale. An issue was discovered in Qlik Sense Enterprise for Windows before November 2024 IR. An unprivileged user with network access may be able to create connection objects that trigger execution of arbitrary EXE files. EPSS estimates a 0.48% chance of exploitation in the next 30 days.

Description

An issue was discovered in Qlik Sense Enterprise for Windows before November 2024 IR. An unprivileged user with network access may be able to create connection objects that trigger execution of arbitrary EXE files. This is fixed in November 2024 IR, May 2024 Patch 10, February 2024 Patch 14, November 2023 Patch 16, August 2023 Patch 16, May 2023 Patch 18, and February 2023 Patch 15.

Metrics

CVSS 3.1

8.8/10

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

EPSS Probability

0.48%

37.6th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

CWE-863

References

https://community.qlik.com/t5/Official-Support-Articles/High-Security-fixes-for-Qlik-Sense-Enterprise-for-Windows-CVEs/tac-p/2496004

Timeline

Published: Dec 9, 2024
Last Modified: Jun 17, 2026
Status: Deferred

Frequently Asked Questions

What is CVE-2024-55579?

How severe is CVE-2024-55579?

CVE-2024-55579 has a CVSS score of 8.8/10 (HIGH severity). The EPSS model estimates a 0.48% probability of exploitation in the next 30 days.

How do I fix CVE-2024-55579?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2024-55579?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST