CVE-2024-31851 - CERT CVE
ID CVE-2024-31851
Sažetak A path traversal vulnerability exists in the Java version of CData Sync < 23.4.8843 when running using the embedded Jetty server, which could allow an unauthenticated remote attacker to gain access to sensitive information and perform limited actions.
Reference
CVSS
Base: 8.6
Impact: 4.7
Exploitability:3.9
Pristup
VektorSloženostAutentikacija
NETWORK LOW NONE
Impact
PovjerljivostCjelovitostDostupnost
HIGH LOW LOW
CVSS vektor CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L
Zadnje važnije ažuriranje 08-04-2024 - 18:49
Objavljeno 05-04-2024 - 18:15