CVE-2024-10965
CVSS 3.1 Score 4.3 of 10 (medium)
Details
Published Nov 7, 2024
Updated: Nov 8, 2024
CWE ID 200
CWE ID 284
Summary
CVE-2024-10965 is a newly identified vulnerability affecting emqx neuron up to version 2.10.0. This issue lies in the JSON File Handler component's /api/v2/schema functionality, which is currently unidentified. Exploitation of this vulnerability results in information disclosure. The attack can be carried out remotely, making it a significant concern. To mitigate this risk, it is strongly advised to install the patch with the commit hash c9ce39747e0372aaa2157b2b56174914a12c06d8 as soon as possible.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share
Affected Products
- Neuron