CVE-2024-9983

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Oct 15, 2024
CWE ID 23

Summary

CVE-2024-9983 is a vulnerability in the Enterprise Cloud Database from Ragic, which fails to properly validate a specific page parameter, enabling unauthenticated remote attackers to read arbitrary system files. Affected products include zeRkxG, and the vulnerability has a high severity rating with a base score of 7.5 and an exploitability score of 3.9. The attack vector is network-based, requiring no privileges or user interaction, indicating low complexity for potential exploitation. Organizations are advised to implement necessary validations and security measures to mitigate risks associated with unauthorized file access. If exploited, this vulnerability poses a significant confidentiality threat to sensitive data within the affected systems.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share