Lucene search

MitreCVE-2024-37742

HistoryJun 25, 2024 - 10:15 p.m.

CVE-2024-37742

2024-06-2522:15:35

CWE-284

mitre

web.nvd.nist.gov

safe exam browser

windows

clipboard management

exam integrity

sensitive information

CVSS3

8.2

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N

AI Score

6.6

Confidence

Low

EPSS

Percentile

9.1%

JSON

Insecure Access Control in Safe Exam Browser (SEB) = 3.5.0 on Windows. The vulnerability allows an attacker to share clipboard data between the SEB kiosk mode and the underlying system, compromising exam integrity. By exploiting this flaw, an attacker can bypass exam controls and gain an unfair advantage during exams.

References

github.com/Eteblue/CVE-2024-37742

youtu.be/SOm0Hgny_3U

CVSS3

8.2

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N

AI Score

6.6

Confidence

Low

EPSS

Percentile

9.1%

JSON

Related for CVE-2024-37742