CVE-2024-34024

CVSS 6.3 MEDIUMEPSS 0.4%

Vexday Risk Score

13Low

SSVC decision (CISA)

Track

No exploitation signal → monitor

CVSS 6.3EPSS 0.4%KEV nãoPoC —Nuclei —Metasploit —Patch —

Lifecycle

18 Jun 2024Published on NVD

Recommendation: Monitor — no exploitation signal at the moment.

Observable response discrepancy issue exists in ID Link Manager and FUJITSU Software TIME CREATOR. If this vulnerability is exploited, an unauthenticated remote attacker may determine if a username is valid or not.

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

Affected products

Fsas Technologies Inc. · FUJITSU Business Application ID Link Manager II Fsas Technologies Inc. · FUJITSU Software ID Link Manager Fsas Technologies Inc. · FUJITSU Software TIME CREATOR ID Link Manager Fsas Technologies Inc. · FUJITSU Software TIME CREATOR ID Link Manager SaaS

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://jvn.jp/en/jp/JVN65171386/https://www.fujitsu.com/jp/group/fsas/about/resources/security/2024/0617.html