A vulnerability was found in Guangzhou Huayi Intelligent Technology Jeewms 3.7. It has been rated as problematic. This issue affects the function preHandle of the file src/main/java/com/zzjee/wm/controller/WmOmNoticeHController.java. The manipulation of the argument request leads to information disclosure. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
History

Wed, 11 Dec 2024 20:15:00 +0000

Type Values Removed Values Added
First Time appeared Huayi-tec
Huayi-tec jeewms
Weaknesses NVD-CWE-noinfo
CPEs cpe:2.3:a:huayi-tec:jeewms:3.7:*:*:*:*:*:*:*
Vendors & Products Huayi-tec
Huayi-tec jeewms

Fri, 29 Nov 2024 16:15:00 +0000

Type Values Removed Values Added
First Time appeared Guangzhou Huayi Intelligent Technology
Guangzhou Huayi Intelligent Technology jeewms
CPEs cpe:2.3:a:guangzhou_huayi_intelligent_technology:jeewms:*:*:*:*:*:*:*:*
Vendors & Products Guangzhou Huayi Intelligent Technology
Guangzhou Huayi Intelligent Technology jeewms
Metrics ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Thu, 28 Nov 2024 15:15:00 +0000

Type Values Removed Values Added
Description A vulnerability was found in Guangzhou Huayi Intelligent Technology Jeewms 3.7. It has been rated as problematic. This issue affects the function preHandle of the file src/main/java/com/zzjee/wm/controller/WmOmNoticeHController.java. The manipulation of the argument request leads to information disclosure. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Title Guangzhou Huayi Intelligent Technology Jeewms WmOmNoticeHController.java preHandle information disclosure
Weaknesses CWE-200
CWE-284
References
Metrics cvssV2_0

{'score': 5, 'vector': 'AV:N/AC:L/Au:N/C:P/I:N/A:N'}

cvssV3_0

{'score': 5.3, 'vector': 'CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N'}

cvssV3_1

{'score': 5.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N'}

cvssV4_0

{'score': 6.9, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N'}


cve-icon MITRE

Status: PUBLISHED

Assigner: VulDB

Published: 2024-11-28T15:00:08.998Z

Updated: 2024-11-29T15:18:50.394Z

Reserved: 2024-11-28T09:04:47.608Z

Link: CVE-2024-11961

cve-icon Vulnrichment

Updated: 2024-11-29T15:18:43.137Z

cve-icon NVD

Status : Analyzed

Published: 2024-11-28T15:15:18.527

Modified: 2024-12-11T19:59:30.533

Link: CVE-2024-11961

cve-icon Redhat

No data.