CVE-2024-11625

CVSS 3.1 Score 7.7 of 10 (high)

Details

Published Jan 7, 2025
CWE ID 209

Summary

CVE-2024-11625 is a newly disclosed Information Exposure vulnerability affecting various versions of Progress Software Corporation's Sitefinity. The error message in question exposes sensitive information when certain conditions are met. Specifically, affected versions include Sitefinity from 4.0 through 14.4.8142, from 15.0.8200 through 15.0.8229, from 15.1.8300 through 15.1.8327, and from 15.2.8400 through 15.2.8421. Successful exploitation of this vulnerability could lead to unauthorized access to confidential data or system components. It is recommended that users upgrade to the latest patch or contact their vendors for a remediation plan.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share