CVE-2024-53795

CVSS 3.1 Score 5.3 of 10 (medium)

Details

Published Dec 6, 2024
CWE ID 862

Summary

CVE-2024-53795 is a critical vulnerability affecting the Andy Moyle Church Admin system. It involves a missing authorization control, allowing unauthorized access to functionality. The issue is not properly constrained by Access Control Lists (ACLs), potentially enabling unintended modifications or actions. This vulnerability puts sensitive data and operations at risk for versions of the Church Admin software from n/a through 5.0.8. It is crucial for affected organizations to apply the necessary security updates as soon as possible to mitigate this risk.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share