Lucene search

TR-CERTCVELIST:CVE-2024-5862

HistoryJun 24, 2024 - 12:31 p.m.

CVE-2024-5862 User Enumeration in Mia Technology's Mia-Med Health Aplication

2024-06-2412:31:17

CWE-307

TR-CERT

www.cve.org

cve-2024-5862

user enumeration

mia technology

interface manipulation

health aplication

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

0.001 Low

EPSS

Percentile

37.3%

JSON

Improper Restriction of Excessive Authentication Attempts vulnerability in Mia Technology Inc. Mia-Med Health Aplication allows Interface Manipulation.This issue affects Mia-Med Health Aplication: before 1.0.14.

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "product": "Mia-Med Health Aplication",
    "vendor": "Mia Technology Inc.",
    "versions": [
      {
        "lessThan": "1.0.14",
        "status": "affected",
        "version": "0",
        "versionType": "custom"
      }
    ]
  }
]

References

www.usom.gov.tr/bildirim/tr-24-0765

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

0.001 Low

EPSS

Percentile

37.3%

JSON

Related for CVELIST:CVE-2024-5862