The file-serving function in TARGIT Decision Suite before 24.06.19002 (TARGIT Decision Suite 2024 – June) allows authenticated attackers to read or write to server files via a crafted file request. This can allow code execution via a .xview file.
History

Fri, 27 Sep 2024 15:00:00 +0000

Type Values Removed Values Added
Description The file-serving function in TARGIT Decision Suite 23.2.15007 allows authenticated attackers to read or write to server files via a crafted file request. This can allow code execution via a .xview file. The file-serving function in TARGIT Decision Suite before 24.06.19002 (TARGIT Decision Suite 2024 – June) allows authenticated attackers to read or write to server files via a crafted file request. This can allow code execution via a .xview file.
References

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2024-05-29T00:00:00

Updated: 2024-09-27T14:47:46.059611

Reserved: 2024-05-27T00:00:00

Link: CVE-2024-36427

cve-icon Vulnrichment

Updated: 2024-08-02T03:37:05.177Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2024-05-29T16:15:11.090

Modified: 2024-11-21T09:22:09.557

Link: CVE-2024-36427

cve-icon Redhat

No data.