CVE-2024-3270

CVE-2024-3270 affects ThingsBoard up to version 3.6.2, involving the AdvancedFeature component. The vulnerability enables improper access control and can be exploited remotely; public exploit information exists. Vendor plans a fix in version 3.7. Remediation noted: upgrade to ThingsBoard 3.7 or l...

CVE-2024-3270 ThingsBoard AdvancedFeature access control

A vulnerability classified as problematic was found in ThingsBoard up to 3.6.2. This vulnerability affects unknown code of the component AdvancedFeature. The manipulation leads to improper access controls. The attack can be initiated remotely. The exploit has been disclosed to the public and may ...

CVE-2024-3270 ThingsBoard AdvancedFeature access control

A vulnerability classified as problematic was found in ThingsBoard up to 3.6.2. This vulnerability affects unknown code of the component AdvancedFeature. The manipulation leads to improper access controls. The attack can be initiated remotely. The exploit has been disclosed to the public and may ...

PT-2024-24786 · Unknown · Thingsboard

Name of the Vulnerable Software and Affected Versions: ThingsBoard versions up to 3.6.2 Description: A problematic issue was found in the AdvancedFeature component, leading to improper access controls. The attack can be initiated remotely. The issue affects unknown code and may be exploited. The...

ThingsBoard 访问控制错误漏洞

ThingsBoard is a Java-based platform for IOT devices for monitoring, management, and data collection by the ThingsBoard team. An access control error vulnerability exists in ThingsBoard 3.6.2 and earlier versions, which stems from an access control error vulnerability in the component...