CVE-2024-6737

CVSS 3.1 Score 8.8 of 10 (high)

Details

Published Jul 15, 2024

Updated: Jul 16, 2024

CWE ID 284

Summary

CVE-2024-6737 is a vulnerability affecting the Electronic Official Document Management System from 2100 TECHNOLOGY. This issue stems from insufficient access control, which enables remote attackers with standard privileges to bypass restrictions and access the account settings functionalities. Unauthorized users can then create administrator accounts, posing a significant risk to system security and data integrity. This vulnerability requires immediate attention from system administrators and the affected vendor, as it can lead to unintended consequences and potential data breaches.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/xBRqSV
https://www.cve.org/CVERecord?id=CVE-2024-6737
https://nvd.nist.gov/vuln/detail/CVE-2024-6737

Back to Vulnerability Database

CVE-2024-6737

CVSS 3.1 Score 8.8 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations