CVE-2024-44076
CVSS 3.1 Score 9.8 of 10 (high)
Details
Published Aug 19, 2024
CWE ID 269
Summary
CVE-2024-44076 is a vulnerability affecting Microcks versions prior to 1.10.0. This issue grants non-administrator access to the POST /api/import and POST /api/export endpoints, allowing unauthorized users to potentially import or export data from the system. Attackers could exploit this vulnerability to gain unapproved access to sensitive information or make unintended modifications, posing a significant security risk. It is recommended that Microcks users upgrade to version 1.10.0 or later to mitigate this issue.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share