Lucene search

CVE-2020-24765

🗓️ 20 Oct 2020 20:14:15Reported by mitreType

cve🔗 web.nvd.nist.gov👁 51 Views🌐 WEB

InterMind iMind Server through 3.13.65 allows remote unauthenticated attackers to read the self-diagnostic archiv

AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 5
NVD	CVE-2020-24765	20 Oct 202020:15	–	nvd
GithubExploit	Exploit for Forced Browsing in Mind Imind Server	7 Jul 202017:15	–	githubexploit
Prion	Server side request forgery (ssrf)	20 Oct 202020:15	–	prion
AttackerKB	CVE-2020-24765	20 Oct 202000:00	–	attackerkb
Cvelist	CVE-2020-24765	20 Oct 202019:11	–	cvelist

Nvd

Node

mind imind_serverRange≤3.13.65

Source	Link
github	www.github.com/trump88/CVE-2020-24765

Parameter	Position	Path	Description	CWE
server	query param	/api/rs/monitoring/rs/api/system/dump-diagnostic-info	Authentication Bypass Vulnerability allows any user to steal the self-diagnostic archive.	CWE-425

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

20 Oct 2020 20:15Current

7.4High risk

Vulners AI Score7.4

CVSS25

CVSS37.5

EPSS0.53277