CVE-2024-53696

CVE-2024-53696

Título es
CVE-2024-53696

Vie, 07/03/2025 – 17:15

Tipo
CWE-918

Gravedad 2.0 Txt
Pendiente de análisis

Título en

CVE-2024-53696

Descripción en
A server-side request forgery (SSRF) vulnerability has been reported to affect QuLog Center. If exploited, the vulnerability could allow remote attackers who have gained administrator access to read application data.

We have already fixed the vulnerability in the following versions:
QuLog Center 1.7.0.829 ( 2024/10/01 ) and later
QuLog Center 1.8.0.888 ( 2024/10/15 ) and later
QTS 4.5.4.2957 build 20241119 and later
QuTS hero h4.5.4.2956 build 20241119 and later

07/03/2025

07/03/2025

Vector CVSS:4.0
CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Gravedad 4.0
5.10

Gravedad 4.0 txt
MEDIUM

Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)
Pendiente de análisis

Referencias

Enviar en el boletín
Off