SecBoard
Zurück zur CVE-Übersicht

CVE-2024-46310

CRITICAL(9.1)

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

Risk Signal Score23/100 — NIEDRIG
  • CVSS 9.1 — Kritisch

EPSS-Score

2%

Exploit-Wahrscheinlichkeit (30 Tage)

CVSS Score

9.1

Technische Schwere

Beschreibung

Incorrect Access Control in Cfx.re FXServer v9601 and earlier allows unauthenticated users to modify and read arbitrary user data via exposed API endpoint

Referenzen