CVE-2024-10965

CVSS 3.1 Score 4.3 of 10 (medium)

Details

Published Nov 7, 2024
Updated: Nov 8, 2024
CWE ID 200
CWE ID 284

Summary

CVE-2024-10965 is a newly identified vulnerability affecting emqx neuron up to version 2.10.0. This issue lies in the JSON File Handler component's /api/v2/schema functionality, which is currently unidentified. Exploitation of this vulnerability results in information disclosure. The attack can be carried out remotely, making it a significant concern. To mitigate this risk, it is strongly advised to install the patch with the commit hash c9ce39747e0372aaa2157b2b56174914a12c06d8 as soon as possible.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share