exploitDog

GHSA-749j-r6jc-ghfj

Опубликовано: 25 фев. 2025

Источник: github

Github: Не прошло ревью

CVSS3: 6.5

Описание

Incorrect access control in the component /iclock/Settings?restartNCS=1 of NovaCHRON Zeitsysteme GmbH & Co. KG Smart Time Plus v8.x to v8.6 allows attackers to arbitrarily restart the NCServiceManger via a crafted GET request.

Incorrect access control in the component /iclock/Settings?restartNCS=1 of NovaCHRON Zeitsysteme GmbH & Co. KG Smart Time Plus v8.x to v8.6 allows attackers to arbitrarily restart the NCServiceManger via a crafted GET request.

Ссылки

EPSS

Процентиль: 32%

0.00125

Низкий

6.5 Medium

CVSS3

CVE ID

Дефекты

CWE-284

Связанные уязвимости

CVE-2024-53542

CVSS3: 6.5

nvd

12 месяцев назад

Incorrect access control in the component /iclock/Settings?restartNCS=1 of NovaCHRON Zeitsysteme GmbH & Co. KG Smart Time Plus v8.x to v8.6 allows attackers to arbitrarily restart the NCServiceManger via a crafted GET request.

EPSS

Процентиль: 32%

0.00125

Низкий

6.5 Medium

CVSS3

CVE ID

Дефекты

CWE-284