Lucene search
HistorySep 12, 2024 - 1:15 p.m.
CVE-2024-3306
authorization bypass
utarit information soliclub
exploiting
access control
ios
android
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
EPSS
0.001
Percentile
18.6%
Authorization Bypass Through User-Controlled Key vulnerability in Utarit Information SoliClub allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects SoliClub: before 4.4.0 for iOS, before 5.2.1 for Android.
Affected configurations
Node
utaritsoliclubRange<4.4.0iphone_os
ORutaritsoliclubRange<5.2.1android
References
Related
vulnrichment
vulnrichment
CVE-2024-3306 IDOR in Utarit Information's SoliClub
2024-09-12 13:06:12
cve
cve
CVE-2024-3306
2024-09-12 13:15:12
cvelist
cvelist
CVE-2024-3306 IDOR in Utarit Information's SoliClub
2024-09-12 13:06:12
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
EPSS
0.001
Percentile
18.6%
Related for NVD:CVE-2024-3306