The Web interface of Evolution Controller Versions 2.04.560.31.03.2024 and below contains poorly configured access control on DESKTOP_EDIT_USER_GET_PIN_FIELDS, allowing for an unauthenticated attacker to return the pin value of any user
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: directcyber
Published: 2024-04-14T23:48:05.450Z
Updated: 2024-08-02T01:17:58.069Z
Reserved: 2024-03-21T00:52:45.515Z
Link: CVE-2024-29840
Vulnrichment
Updated: 2024-08-02T01:17:58.069Z
NVD
Status : Awaiting Analysis
Published: 2024-04-15T00:15:13.753
Modified: 2024-11-21T09:08:26.883
Link: CVE-2024-29840
Redhat
No data.