CVE-2024-46624

CVSS 3.1 Score 8.8 of 10 (high)

Details

Published Dec 3, 2024
Updated: Dec 4, 2024
CWE ID 276

Summary

CVE-2024-46624 is a privilege escalation vulnerability affecting InfoDom Performa 365 v4.0.1. Authenticated attackers can exploit this issue by sending a specially crafted payload to the /api/users endpoint. Successful exploitation enables the attacker to elevate their privileges to Administrator level access. This vulnerability poses a significant risk to organizations that use InfoDom Performa 365 and have not yet applied the necessary patch. It is recommended that users upgrade to the latest version of the software to mitigate this threat.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share