CVE-2024-45877 in TOPqw Webportalinfo

Zusammenfassung

von MITRE • 13.11.2024

baltic-it TOPqw Webportal v1.35.283.2 is vulnerable to Incorrect Access Control in the User Management function in /Apps/TOPqw/BenutzerManagement.aspx. This allows a low privileged user to access all modules in the web portal, view and manipulate information and permissions of other users, lock other user or unlock the own account, change the password of other users, create new users or delete existing users and view, manipulate and delete reference data.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Zuständig

MITRE

Reservieren

11.09.2024

Veröffentlichung

13.11.2024

Moderieren

akzeptiert

Eintrag

VDB-284447

CPE

bereit

CWE

CWE-284 (bestätigt)

CVSS

6.5 (CNA)

EPSS

0.00395

KEV

nein

Aktivitäten

very low

Quellen

MITRE	https://www.cve.org/CVERecord?id=CVE-2024-45877
NVD	https://nvd.nist.gov/vuln/detail/CVE-2024-45877
CVE Details	https://www.cvedetails.com/cve/CVE-2024-45877/

◂ Zurück Übersicht Weiter ▸

Do you know our Splunk app?

Download it now for free!