← voltar
CVE-2024-23537

Apache Fineract: Under certain circumstances, this vulnerability allowed users, without specific permissions, to escalate their privileges to any role.

CVSS 8.4 HIGHEPSS 1.1%CWE-269
Improper Privilege Management vulnerability in Apache Fineract.This issue affects Apache Fineract: <1.8.5. Users are recommended to upgrade to version 1.9.0, which fixes the issue.
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:L
Produtos afetados
Apache Software Foundation · Apache Fineract

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://cwiki.apache.org/confluence/display/FINERACT/Apache+Fineract+Security+Reporthttps://lists.apache.org/thread/fq1ns4nprw2vqpkwwj9sw45jkwxmt9f1http://www.openwall.com/lists/oss-security/2024/03/29/1