CVE-2024-24562

CVSS 3.1 Score 5.4 of 10 (medium)

Details

Published Mar 14, 2024
CWE ID 693
CWE ID 668

Summary

CVE-2024-24562 affects the vantage6-UI, the official user interface for the vantage6 server. The issue lies in the lack of security headers in the affected versions. This vulnerability has been rectified in commit `68dfa6614` and is anticipated to be incorporated into future releases. It is strongly recommended that users upgrade once a new version becomes available. For those unable to upgrade immediately, they may modify the Docker image build to integrate the necessary security headers into Nginx.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share