CVE-2024-6406

Sensetive Data Exposure in Yordam Information Technology's Mobile Library Application

CVSS 8.5 HIGHEPSS 0.4%CWE-306 CWE-862

Vexday Risk Score

21Low

SSVC decision (CISA)

Track

No exploitation signal → monitor

CVSS 8.5EPSS 0.4%KEV nãoPoC —Nuclei —Metasploit —Patch —

Lifecycle

18 Sep 2024Published on NVD

Recommendation: Monitor — no exploitation signal at the moment.

Missing Authentication for Critical Function, Missing Authorization vulnerability in Yordam Information Technology Mobile Library Application allows Retrieve Embedded Sensitive Data. This issue affects Mobile Library Application: before 5.0.

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:L/VA:L/SC:H/SI:L/SA:L

Affected products

Yordam Information Technology · Mobile Library Application

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://siberguvenlik.gov.tr/guvenlik-bildirimleri/detay/tr-24-1496 https://www.usom.gov.tr/bildirim/tr-24-1496