java_shop 1.0 is vulnerable to Incorrect Access Control, which allows attackers to obtain sensitive information of users with different IDs by modifying the ID parameter.
History

Wed, 27 Nov 2024 21:15:00 +0000

Type Values Removed Values Added
CPEs cpe:2.3:a:geeeeeeeek:java_shop:*:*:*:*:*:*:*:*
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Fri, 22 Nov 2024 12:00:00 +0000

Type Values Removed Values Added
First Time appeared Geeeeeeeek
Geeeeeeeek java Shop
Weaknesses CWE-639
CPEs cpe:2.3:a:geeeeeeeek:java_shop:1.0:*:*:*:*:*:*:*
Vendors & Products Geeeeeeeek
Geeeeeeeek java Shop
Metrics cvssV3_1

{'score': 6.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N'}


Fri, 15 Nov 2024 16:15:00 +0000

Type Values Removed Values Added
Description java_shop 1.0 is vulnerable to Incorrect Access Control, which allows attackers to obtain sensitive information of users with different IDs by modifying the ID parameter.
References

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2024-11-15T00:00:00

Updated: 2024-11-27T20:23:31.755Z

Reserved: 2024-10-28T00:00:00

Link: CVE-2024-50651

cve-icon Vulnrichment

Updated: 2024-11-27T20:18:28.801Z

cve-icon NVD

Status : Modified

Published: 2024-11-15T16:15:36.783

Modified: 2024-11-27T21:15:07.573

Link: CVE-2024-50651

cve-icon Redhat

No data.