6 matches found
CVE-2024-40410
Cybele Software Thinfinity Workspace before v7.0.2.113 was discovered to contain a hardcoded cryptographic key used for encryption...
CVE-2024-40410
Cybele Software Thinfinity Workspace before v7.0.2.113 was discovered to contain a hardcoded cryptographic key used for encryption...
CVE-2024-40404
Cybele Software Thinfinity Workspace before v7.0.2.113 was discovered to contain an access control issue in the API endpoint where Web Sockets connections are established...
CVE-2024-40410
Cybele Software Thinfinity Workspace prior to v7.0.2.113 is affected by a hardcoded cryptographic key used for encryption. The vulnerability affects Thinfinity Workspace versions before 7.0.2.113, enabling potential cryptographic misuse via the embedded key. Remediation: upgrade to v7.0.2.113 or ...
CVE-2024-40408
Cybele Software Thinfinity Workspace before v7.0.2.113 was discovered to contain an access control issue in the Create Profile section. This vulnerability allows attackers to create arbitrary user profiles with elevated privileges...
CVE-2024-40404
CVE-2024-40404 affects Cybele Software Thinfinity Workspace prior to version 7.0.2.113. The issue is an access control flaw in the API endpoint used to establish WebSocket connections. The Red Hat, NVD, CNNVD, CVE.org and PTSecurity entries corroborate that versions before 7.0.2.113 are vulnerabl...