CVE-2024-10774

CVSS 3.1 Score 7.3 of 10 (high)

Details

Published Dec 6, 2024
CWE ID 306

Summary

CVE-2024-10774 is a newly disclosed cybersecurity vulnerability that affects unauthenticated access to CROWN APIs. This issue grants unauthorized users the ability to access critical functions within the web application without needing any authentication credentials. The consequences of this vulnerability can be severe, allowing attackers to gain extensive control over the affected system, potentially leading to data theft or system compromise. Organizations are urged to apply patches and updates as soon as possible to mitigate the risks associated with this vulnerability.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share