CVE-2024-37930

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Aug 12, 2024
Updated: Sep 12, 2024
CWE ID 862
CWE ID 200

Summary

CVE-2024-37930 is a vulnerability affecting ThemeSphere SmartMag versions from n/a to 9.3.0. This issue involves a missing authorization control, allowing unauthorized actors to access sensitive information. The vulnerability, characterized as an Excavation and Accessing Functionality Not Properly Constrained by ACLs issue, exposes data that should have been restricted, posing a significant security risk. Companies using ThemeSphere SmartMag are advised to apply the necessary updates as soon as possible to mitigate this vulnerability.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share