CVE-2024-40408

Cybele Software Thinfinity Workspace before v7.0.2.113 was discovered to contain an access control issue in the Create Profile section. This vulnerability allows attackers to create arbitrary user profiles with elevated privileges...

CVE-2024-40404

Cybele Software Thinfinity Workspace before v7.0.2.113 was discovered to contain an access control issue in the API endpoint where Web Sockets connections are established...

CVE-2024-40410

Cybele Software Thinfinity Workspace before v7.0.2.113 was discovered to contain a hardcoded cryptographic key used for encryption...

CVE-2024-40407

A full path disclosure in Cybele Software Thinfinity Workspace before v7.0.2.113 allows attackers to obtain the root path of the application via unspecified vectors...

CVE-2024-40405

Incorrect access control in Cybele Software Thinfinity Workspace before v7.0.3.109 allows attackers to gain access to a secondary broker via a crafted request...

CVE-2024-40410

Cybele Software Thinfinity Workspace before v7.0.2.113 was discovered to contain a hardcoded cryptographic key used for encryption...

CVE-2024-40408

Cybele Software Thinfinity Workspace before v7.0.2.113 was discovered to contain an access control issue in the Create Profile section. This vulnerability allows attackers to create arbitrary user profiles with elevated privileges...

CVE-2024-40410

Cybele Software Thinfinity Workspace before v7.0.2.113 was discovered to contain a hardcoded cryptographic key used for encryption...

CVE-2024-40405

Incorrect access control in Cybele Software Thinfinity Workspace before v7.0.3.109 allows attackers to gain access to a secondary broker via a crafted request...

CVE-2024-40404

Cybele Software Thinfinity Workspace before v7.0.2.113 was discovered to contain an access control issue in the API endpoint where Web Sockets connections are established...

CVE-2024-40405

Incorrect access control in Cybele Software Thinfinity Workspace before v7.0.3.109 allows attackers to gain access to a secondary broker via a crafted request...

CVE-2024-40404

Cybele Software Thinfinity Workspace before v7.0.2.113 was discovered to contain an access control issue in the API endpoint where Web Sockets connections are established...

CVE-2024-40407

A full path disclosure in Cybele Software Thinfinity Workspace before v7.0.2.113 allows attackers to obtain the root path of the application via unspecified vectors...

CVE-2024-40407

A full path disclosure in Cybele Software Thinfinity Workspace before v7.0.2.113 allows attackers to obtain the root path of the application via unspecified vectors...

Cybele Software Thinfinity Workspace 安全漏洞

Cybele Software Thinfinity Workspace is an integrated solution for virtualizing applications, desktops, data and accessing any host from a unified portal from Cybele Software, USA. A security vulnerability exists in Cybele Software Thinfinity Workspace versions prior to v7.0.3.109 that stems from...

CVE-2024-40410

Cybele Software Thinfinity Workspace prior to v7.0.2.113 is affected by a hardcoded cryptographic key used for encryption. The vulnerability affects Thinfinity Workspace versions before 7.0.2.113, enabling potential cryptographic misuse via the embedded key. Remediation: upgrade to v7.0.2.113 or ...

Cybele Software Thinfinity Workspace 安全漏洞

Cybele Software Thinfinity Workspace is an integrated solution for virtualizing applications, desktops, data and accessing any host from a unified portal from Cybele Software, USA. A security vulnerability exists in Cybele Software Thinfinity Workspace versions prior to v7.0.2.113 that stems from...

CVE-2024-40405

CVE-2024-40405 affects Cybele Software Thinfinity Workspace (before v7.0.3.109). The issue is described as incorrect access control that lets an attacker access a secondary broker via a crafted request. The vulnerability is documented with CVSS v3.1: AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H (base scor...

CVE-2024-40405

Incorrect access control in Cybele Software Thinfinity Workspace before v7.0.3.109 allows attackers to gain access to a secondary broker via a crafted request...

PT-2024-28832 · Cybele · Thinfinity Workspace

Name of the Vulnerable Software and Affected Versions: Cybele Software Thinfinity Workspace versions prior to 7.0.2.113 Description: A full path disclosure issue allows attackers to obtain the root path of the application via unspecified vectors. This could potentially be exploited to gain...