The file-serving function in TARGIT Decision Suite before 24.06.19002 (TARGIT Decision Suite 2024 – June) allows authenticated attackers to read or write to server files via a crafted file request. This can allow code execution via a .xview file.
Metrics
Affected Vendors & Products
References
History
Fri, 27 Sep 2024 15:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | The file-serving function in TARGIT Decision Suite 23.2.15007 allows authenticated attackers to read or write to server files via a crafted file request. This can allow code execution via a .xview file. | The file-serving function in TARGIT Decision Suite before 24.06.19002 (TARGIT Decision Suite 2024 – June) allows authenticated attackers to read or write to server files via a crafted file request. This can allow code execution via a .xview file. |
References |
|
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2024-05-29T00:00:00
Updated: 2024-09-27T14:47:46.059611
Reserved: 2024-05-27T00:00:00
Link: CVE-2024-36427
Vulnrichment
Updated: 2024-08-02T03:37:05.177Z
NVD
Status : Awaiting Analysis
Published: 2024-05-29T16:15:11.090
Modified: 2024-11-21T09:22:09.557
Link: CVE-2024-36427
Redhat
No data.