GHSA-f2h5-3j7q-vp2p

Опубликовано: 03 сент. 2024

Источник: github

Github: Не прошло ревью

CVSS4: 6.9

CVSS3: 9.8

Описание

Improper Privilege Management vulnerability in SAMPA? Holding AKOS allows Collect Data as Provided by Users.This issue affects AKOS: through 20240902.

NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

Improper Privilege Management vulnerability in SAMPA? Holding AKOS allows Collect Data as Provided by Users.This issue affects AKOS: through 20240902.

NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

Ссылки

EPSS

Процентиль: 37%

0.00158

Низкий

6.9 Medium

CVSS4

9.8 Critical

CVSS3

CVE ID

CVE-2024-4259

Дефекты

CWE-269

CWE-862

Связанные уязвимости

CVE-2024-4259

CVSS3: 9.8

nvd

больше 1 года назад

Missing Authorization vulnerability in SAMPAŞ Holding AKOS (AkosCepVatandasService), SAMPAŞ Holding AKOS (TahsilatService) allows Collect Data as Provided by Users. This issue affects AKOS (AkosCepVatandasService): before V2.0; AKOS (TahsilatService): before V1.0.7.

EPSS

Процентиль: 37%

0.00158

Низкий

6.9 Medium

CVSS4

9.8 Critical

CVSS3

CVE ID

CVE-2024-4259

Дефекты

CWE-269

CWE-862