CVE-2024-3375

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2024-3375
Incorrect Permission Assignment for Critical Resource vulnerability in Havelsan Inc. Dialogue allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Dialogue: from v1.83 before v1.83.1 or v1.84.

9.4 /10

CVSS v3 : CRITICAL

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 5.5

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact LOW

Availability Impact HIGH

Scope UNCHANGED

References
Link Resource
https://www.usom.gov.tr/bildirim/tr-24-0363
https://www.usom.gov.tr/bildirim/tr-24-0363
Configurations

No configuration.

History

21 Nov 2024, 09:29

Type Values Removed Values Added
References () https://www.usom.gov.tr/bildirim/tr-24-0363 - () https://www.usom.gov.tr/bildirim/tr-24-0363 -

26 Sep 2024, 12:15

Type Values Removed Values Added
CWE CWE-276 CWE-732

27 Aug 2024, 07:15

Type Values Removed Values Added
Summary
  • (es) Asignación de permisos incorrecta para una vulnerabilidad de recursos críticos en Havelsan Inc. Dialogue permite acceder a funciones no restringidas adecuadamente por las ACL. Este problema afecta a Dialogue: desde v1.83 antes de v1.83.1 o v1.84.
Summary (en) Incorrect Permission Assignment for Critical Resource vulnerability in Havelsan Inc. Dialogue allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Dialogue: from v1.83 before v1.83.1 or v1.84. (en) Incorrect Permission Assignment for Critical Resource vulnerability in Havelsan Inc. Dialogue allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Dialogue: from v1.83 before v1.83.1 or v1.84.
CWE CWE-732 CWE-276

29 Apr 2024, 09:15

Type Values Removed Values Added
New CVE
Information

Published : 2024-04-29 09:15

Updated : 2024-11-21 09:29

NVD link : CVE-2024-3375

Mitre link : CVE-2024-3375

CVE.ORG link : CVE-2024-3375

JSON object : View

Products Affected

No product.

CWE
CWE-732

Incorrect Permission Assignment for Critical Resource