CVE-2024-40873
CVE-2024-40873
Título es
CVE-2024-40873
Jue, 25/07/2024 – 18:15
Tipo
CWE-79
Gravedad 2.0 Txt
Pendiente de análisis
Título en
CVE-2024-40873
Descripción en
There is a cross-site scripting vulnerability in the Secure
Access administrative console of Absolute Secure Access prior to version 13.07.
Attackers with system administrator permissions can interfere with another
system administrator’s use of the publishing UI when the administrators are
editing the same management object. The scope is unchanged, there is no loss of
confidentiality. Impact to system availability is none, impact to system
integrity is high.
Access administrative console of Absolute Secure Access prior to version 13.07.
Attackers with system administrator permissions can interfere with another
system administrator’s use of the publishing UI when the administrators are
editing the same management object. The scope is unchanged, there is no loss of
confidentiality. Impact to system availability is none, impact to system
integrity is high.
25/07/2024
25/07/2024
Vector CVSS:3.1
CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:H/A:N
Gravedad 3.1 (CVSS 3.1 Base Score)
4.50
Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)
MEDIUM
Enviar en el boletín
Off
