CVE-2024-43438
CVSS 3.1 Score 7.5 of 10 (high)
Details
Summary
CVE-2024-43438 is a vulnerability affecting the Feedback feature in a certain software. The issue lies in the bulk messaging function of the activity's non-respondents report, which fails to verify the recipients. This means that messages can be sent to unintended users who are included in the report, leading to potential privacy violations or even phishing attacks. Unauthorized users may gain access to sensitive information or manipulate the recipients, posing a significant risk to the system and its users. It is recommended that users update their software promptly to mitigate this vulnerability.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.