← back
CVE-2024-12917

Improper Access Control in Agito Computer's Health4All

CVSS 8.3 HIGHEPSS 0.4%CWE-552
Vexday Risk Score
21Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 8.3EPSS 0.4%KEV nãoPoC Nuclei Metasploit Patch
Lifecycle
24 Feb 2025Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
Files or Directories Accessible to External Parties vulnerability in Agito Computer Health4All allows Exploiting Incorrectly Configured Access Control Security Levels, Authentication Abuse. This issue affects Health4All: before 10.01.2025.
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L
Affected products
Agito Computer · Health4All

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://siberguvenlik.gov.tr/guvenlik-bildirimleri/detay/tr-25-0042https://www.usom.gov.tr/bildirim/tr-25-0042