← back
CVE-2024-33620

CVE-2024-33620

CVSS 8.6 HIGHEPSS 0.7%CWE-36
Vexday Risk Score
21Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 8.6EPSS 0.7%KEV nãoPoC Nuclei Metasploit Patch
Lifecycle
18 Jun 2024Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
Absolute path traversal vulnerability exists in ID Link Manager and FUJITSU Software TIME CREATOR. If this vulnerability is exploited, the file contents including sensitive information on the server may be retrieved by an unauthenticated remote attacker.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
Affected products
Fsas Technologies Inc. · FUJITSU Business Application ID Link Manager IIFsas Technologies Inc. · FUJITSU Software ID Link ManagerFsas Technologies Inc. · FUJITSU Software TIME CREATOR ID Link Manager

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://jvn.jp/en/jp/JVN65171386/https://www.fujitsu.com/jp/group/fsas/about/resources/security/2024/0617.html