← back
CVE-2024-5618

Broken Access Control in PruvaSoft Informatics' Apinizer Management Console

CVSS 9.9 CRITICALEPSS 0.4%CWE-732
Vexday Risk Score
28Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 9.9EPSS 0.4%KEV nãoPoC Nuclei Metasploit Patch
Lifecycle
18 Jul 2024Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
Incorrect Permission Assignment for Critical Resource vulnerability in PruvaSoft Informatics Apinizer Management Console allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Apinizer Management Console: before 2024.05.1.
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Affected products
PruvaSoft Informatics · Apinizer Management Console

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://siberguvenlik.gov.tr/guvenlik-bildirimleri/detay/tr-24-1010https://www.usom.gov.tr/bildirim/tr-24-1010