Lucene search
MitreCVE-2024-42680HistoryAug 15, 2024 - 2:15 p.m.
CVE-2024-42680
2024-08-1514:15:11
CWE-22
mitre
web.nvd.nist.gov
22
security issue
local attacker
server absolute path
enterprise management system
CVSS3
5.5
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
AI Score
6.6
Confidence
Low
EPSS
0
Percentile
11.1%
An issue in Super easy enterprise management system v.1.0.0 and before allows a local attacker to obtain the server absolute path by entering a single quotation mark.
Affected configurations
Node
cysoft168super_easy_enterprise_management_systemRange≤1.0.0
| Vendor | Product | Version | CPE |
|---|---|---|---|
| cysoft168 | super_easy_enterprise_management_system | * | cpe:2.3:a:cysoft168:super_easy_enterprise_management_system:*:*:*:*:*:*:*:* |
Related
vulnrichment
vulnrichment
CVE-2024-42680
2024-08-15 00:00:00
nvd
nvd
CVE-2024-42680
2024-08-15 14:15:11
cvelist
cvelist
CVE-2024-42680
2024-08-15 00:00:00
CVSS3
5.5
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
AI Score
6.6
Confidence
Low
EPSS
0
Percentile
11.1%
Related for CVE-2024-42680