CVE-2024-48530
CVSS 3.1 Score 7.5 of 10 (high)
Details
Published Nov 20, 2024
Updated: Dec 3, 2024
CWE ID 770
Summary
CVE-2024-48530 is a Denial of Service (DoS) vulnerability affecting the Instructor Appointment Availability module in eSoft Planner version 3.24.08271-USA. An attacker can exploit this issue by sending a specially crafted POST request, causing the module to become unresponsive and denying service to legitimate users. This vulnerability can result in downtime and potential disruption of academic scheduling processes. It is strongly recommended that users of this version of eSoft Planner upgrade to a patched version to mitigate this risk.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share