CVE-2024-9984

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Oct 15, 2024
CWE ID 306

Summary

CVE-2024-9984 identifies a critical vulnerability in the Enterprise Cloud Database from Ragic, which lacks proper authentication for specific functionalities. This flaw allows unauthenticated remote attackers to obtain any user's session cookie, posing a significant risk to user confidentiality and data integrity. The affected product is identified as 'zeRkxG.' To remediate this issue, it is recommended that organizations implement strict authentication mechanisms for the vulnerable functionalities. With a base score of 9.8 on the CVSS scale, this vulnerability has high potential impacts on availability and confidentiality, making it crucial for organizations to address promptly.
