Lucene search

TR-CERTVULNRICHMENT:CVE-2024-5862

HistoryJun 24, 2024 - 12:31 p.m.

CVE-2024-5862 User Enumeration in Mia Technology's Mia-Med Health Aplication

2024-06-2412:31:17

CWE-307

TR-CERT

github.com

cve-2024-5862

user enumeration

mia technology

mia-med health aplication

interface manipulation

improper restriction

excessive authentication attempts

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

7 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

37.3%

JSON

Improper Restriction of Excessive Authentication Attempts vulnerability in Mia Technology Inc. Mia-Med Health Aplication allows Interface Manipulation.This issue affects Mia-Med Health Aplication: before 1.0.14.

CNA Affected

[
  {
    "vendor": "Mia Technology Inc.",
    "product": "Mia-Med Health Aplication",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "1.0.14",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unaffected"
  }
]

References

www.usom.gov.tr/bildirim/tr-24-0765

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

7 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

37.3%

JSON

Related for VULNRICHMENT:CVE-2024-5862