CVE-2024-23537

Опубликовано: 29 мар. 2024

Источник: nvd

CVSS3: 8.4

CVSS3: 8.8

EPSS Низкий

Описание

Improper Privilege Management vulnerability in Apache Fineract.This issue affects Apache Fineract: <1.8.5.

Users are recommended to upgrade to version 1.9.0, which fixes the issue.

Ссылки

http://www.openwall.com/lists/oss-security/2024/03/29/1
Mailing List
https://cwiki.apache.org/confluence/display/FINERACT/Apache+Fineract+Security+Report
Vendor Advisory
https://lists.apache.org/thread/fq1ns4nprw2vqpkwwj9sw45jkwxmt9f1
Mailing List
Vendor Advisory
http://www.openwall.com/lists/oss-security/2024/03/29/1
Mailing List
https://cwiki.apache.org/confluence/display/FINERACT/Apache+Fineract+Security+Report
Vendor Advisory
https://lists.apache.org/thread/fq1ns4nprw2vqpkwwj9sw45jkwxmt9f1
Mailing List
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:apache:fineract:*:*:*:*:*:*:*:*

Версия до 1.9.0 (исключая)

EPSS

Процентиль: 27%

0.00098

Низкий

8.4 High

CVSS3

8.8 High

CVSS3

Дефекты

CWE-269

NVD-CWE-noinfo

Связанные уязвимости

GHSA-xcvp-xvv5-6298

CVSS3: 8.4

github

почти 2 года назад

Improper Privilege Management vulnerability in Apache Fineract.This issue affects Apache Fineract: <1.8.5. Users are recommended to upgrade to version 1.9.0, which fixes the issue.

EPSS

Процентиль: 27%

0.00098

Низкий

8.4 High

CVSS3

8.8 High

CVSS3

Дефекты

CWE-269

NVD-CWE-noinfo