Lucene search
MitreCVE-2024-39669HistoryJun 27, 2024 - 4:15 p.m.
CVE-2024-39669
2024-06-2716:15:12
CWE-94
mitre
web.nvd.nist.gov
29
soffid iam
java objects
arbitrary code
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
7.8
Confidence
Low
EPSS
0
Percentile
9.1%
In the Console in Soffid IAM before 3.5.39, necessary checks were not applied to some Java objects. A malicious agent could possibly execute arbitrary code in the Sync Server and compromise security.
Related
cvelist
cvelist
CVE-2024-39669
2024-06-27 00:00:00
vulnrichment
vulnrichment
CVE-2024-39669
2024-06-27 00:00:00
nvd
nvd
CVE-2024-39669
2024-06-27 16:15:12
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
7.8
Confidence
Low
EPSS
0
Percentile
9.1%
Related for CVE-2024-39669