Lucene search
TR-CERTVULNRICHMENT:CVE-2024-7015HistorySep 09, 2024 - 2:03 p.m.
CVE-2024-7015 Improper Authentication in Profelis Informatics and Consulting's PassBOX
2024-09-0914:03:05
CWE-306
CWE-285
CWE-287
TR-CERT
github.com
improper authentication
missing authentication
improper authorization
profelis informatics
passbox
cve-2024-7015
CVSS4
7.1
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/SC:H/VI:L/SI:L/VA:N/SA:N
AI Score
7
Confidence
High
EPSS
0.001
Percentile
39.6%
SSVC
Exploitation
none
Automatable
no
Technical Impact
partial
Improper Authentication, Missing Authentication for Critical Function, Improper Authorization vulnerability in Profelis Informatics and Consulting PassBox allows Authentication Abuse.This issue affects PassBox: before v1.2.
CVSS4
7.1
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/SC:H/VI:L/SI:L/VA:N/SA:N
AI Score
7
Confidence
High
EPSS
0.001
Percentile
39.6%
SSVC
Exploitation
none
Automatable
no
Technical Impact
partial
Related for VULNRICHMENT:CVE-2024-7015