The Web interface of Evolution Controller Versions 2.04.560.31.03.2024 and below contains poorly configured access control on DESKTOP_EDIT_USER_GET_PIN_FIELDS, allowing for an unauthenticated attacker to return the pin value of any user
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: directcyber

Published: 2024-04-14T23:48:05.450Z

Updated: 2024-08-02T01:17:58.069Z

Reserved: 2024-03-21T00:52:45.515Z

Link: CVE-2024-29840

cve-icon Vulnrichment

Updated: 2024-08-02T01:17:58.069Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2024-04-15T00:15:13.753

Modified: 2024-11-21T09:08:26.883

Link: CVE-2024-29840

cve-icon Redhat

No data.