CVE-2024-53795
CVSS 3.1 Score 5.3 of 10 (medium)
Details
Published Dec 6, 2024
CWE ID 862
Summary
CVE-2024-53795 is a critical vulnerability affecting the Andy Moyle Church Admin system. It involves a missing authorization control, allowing unauthorized access to functionality. The issue is not properly constrained by Access Control Lists (ACLs), potentially enabling unintended modifications or actions. This vulnerability puts sensitive data and operations at risk for versions of the Church Admin software from n/a through 5.0.8. It is crucial for affected organizations to apply the necessary security updates as soon as possible to mitigate this risk.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share