CVE-2024-44021

Published at:
2024-11-01T15:15:52.697
Source: [email protected]

Global infos:

Missing Authorization vulnerability in Truepush allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Truepush: from n/a through 1.0.8.

CVE Status: Analyzed

References:

  • [email protected]
    •

    Metrics:

    AttributeValue
    Attack ComplexityLOW
    Attack VectorNETWORK
    Availability ImpactLOW
    Base Score5.4
    Base SeverityMEDIUM
    Confidentiality ImpactLOW
    Integrity ImpactNONE
    Privileges RequiredLOW
    ScopeUNCHANGED
    User InteractionNONE
    Vector StringCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L
    Exploitability Score2.8
    Impact Score2.5
    Source[email protected]
    TypeSecondary

    Links:

    Exploit-db
    Github

    Most recherched CVEs
    Popular Keywords