← back
CVE-2024-4428

Sensetive Data Exposure in Menulux Managment Portal

CVSS 6.9 MEDIUMEPSS 0.5%CWE-306CWE-862
Vexday Risk Score
13Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 6.9EPSS 0.5%KEV nãoPoC Nuclei Metasploit Patch
Lifecycle
29 Aug 2024Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
Missing Authentication for Critical Function, Missing Authorization vulnerability in Menulux Information Technologies Managment Portal allows Collect Data as Provided by Users. This issue affects Managment Portal: through 21.05.2024.
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:L/SI:L/SA:L

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →