CVE-2024-37930
CVSS 3.1 Score 7.5 of 10 (high)
Details
Published Aug 12, 2024
Updated: Sep 12, 2024
CWE ID 862
CWE ID 200
Summary
CVE-2024-37930 is a vulnerability affecting ThemeSphere SmartMag versions from n/a to 9.3.0. This issue involves a missing authorization control, allowing unauthorized actors to access sensitive information. The vulnerability, characterized as an Excavation and Accessing Functionality Not Properly Constrained by ACLs issue, exposes data that should have been restricted, posing a significant security risk. Companies using ThemeSphere SmartMag are advised to apply the necessary updates as soon as possible to mitigate this vulnerability.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share