CVE-2024-35428 - CERT CVE

  1. CVE-2024-35428

ID CVE-2024-35428
Sažetak ZKTeco ZKBio CVSecurity 6.1.1 is vulnerable to Directory Traversal via BaseMediaFile. An authenticated user can delete local files from the server which can lead to DoS.
Reference
CVSS
Base: 7.1
Impact: 4.2
Exploitability:2.8
Pristup
VektorSloženostAutentikacija
NETWORK LOW LOW
Impact
PovjerljivostCjelovitostDostupnost
NONE LOW HIGH
CVSS vektor CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H
Zadnje važnije ažuriranje 18-07-2024 - 16:52
Objavljeno 30-05-2024 - 17:15