CVE-2024-3784
CVSS 3.1 Score 9.8 of 10 (high)
Details
Published Apr 15, 2024
CWE ID 89
Summary
CVE-2024-3784 is a newly identified vulnerability affecting WBSAirback version 21.02.04. This issue stems from a failure to properly handle Server-Side Includes (SSIs) within the /admin/CloudAccounts endpoint. An attacker can exploit this vulnerability remotely and execute arbitrary code through S3 Accounts. Organizations using the affected WBSAirback version are urged to update their software as soon as possible to mitigate this potential security risk.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share