CVE-2024-48530

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Nov 20, 2024
Updated: Dec 3, 2024
CWE ID 770

Summary

CVE-2024-48530 is a Denial of Service (DoS) vulnerability affecting the Instructor Appointment Availability module in eSoft Planner version 3.24.08271-USA. An attacker can exploit this issue by sending a specially crafted POST request, causing the module to become unresponsive and denying service to legitimate users. This vulnerability can result in downtime and potential disruption of academic scheduling processes. It is strongly recommended that users of this version of eSoft Planner upgrade to a patched version to mitigate this risk.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share