admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-07-29 05:56:59 +00:00
Code Issues Packages Projects Releases Wiki Activity
cvelist/2024/47xxx/CVE-2024-47651.json
CVE Team 8b8b131e51
"-Synchronized-Data."
2024-10-04 13:00:30 +00:00

89 lines
2.8 KiB
JSON
Raw Blame History

{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2024-47651",
"ASSIGNER": "vdisclose@cert-in.org.in",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "This vulnerability exists in Shilpi Client Dashboard due to improper handling of multiple parameters in the API endpoint. An authenticated remote attacker could exploit this vulnerability by including multiple \u201cuserid\u201d parameters in the API request body leading to unauthorized access of sensitive information belonging to other users."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-235: Improper Handling of Extra Parameters",
"cweId": "CWE-235"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Shilpi Computers",
"product": {
"product_data": [
{
"product_name": "Client Dashboard",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "<9.7.0"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://www.cert-in.org.in/s2cMainServlet?pageid=PUBVLNOTES01&VLCODE=CIVN-2024-0313",
"refsource": "MISC",
"name": "https://www.cert-in.org.in/s2cMainServlet?pageid=PUBVLNOTES01&VLCODE=CIVN-2024-0313"
}
]
},
"generator": {
"engine": "Vulnogram 0.2.0"
},
"source": {
"discovery": "UNKNOWN"
},
"solution": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Upgrade Client Dashboard to version 9.7.0 <br>"
}
],
"value": "Upgrade Client Dashboard to version 9.7.0"
}
],
"credits": [
{
"lang": "en",
"value": "This vulnerability is reported by Mohit Gadiya."
}
]
}
Reference in New Issue View Git Blame Copy Permalink