CVE-2024-44760

Incorrect access control in the component /servlet/SnoopServlet of Shenzhou News Union Enterprise Management System v5.0 through v18.8 allows attackers to access sensitive information regarding the server.
Configurations

Configuration 1 (hide)

cpe:2.3:a:sunmochina:enterprise_management_system:*:*:*:*:*:*:*:*

History

15 Nov 2024, 20:15

Type Values Removed Values Added
References
  • () https://github.com/WarmBrew/web_vul/blob/main/CVES/CVE-2024-44760.md -

30 Aug 2024, 15:55

Type Values Removed Values Added
References () https://github.com/WarmBrew/web_vul/blob/main/SunmoEMS/SunmoEMS-info.md - () https://github.com/WarmBrew/web_vul/blob/main/SunmoEMS/SunmoEMS-info.md - Exploit
CPE cpe:2.3:a:sunmochina:enterprise_management_system:*:*:*:*:*:*:*:*
CVSS v2 : unknown
v3 : 9.1
v2 : unknown
v3 : 7.5
CWE NVD-CWE-Other
First Time Sunmochina enterprise Management System
Sunmochina

29 Aug 2024, 13:25

Type Values Removed Values Added
Summary
  • (es) El control de acceso incorrecto en el componente /servlet/SnoopServlet de Shenzhou News Union Enterprise Management System v5.0 a v18.8 permite a los atacantes acceder a información confidencial sobre el servidor.

28 Aug 2024, 21:35

Type Values Removed Values Added
CWE CWE-276
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 9.1

28 Aug 2024, 20:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-08-28 20:15

Updated : 2024-11-15 20:15


NVD link : CVE-2024-44760

Mitre link : CVE-2024-44760

CVE.ORG link : CVE-2024-44760


JSON object : View

Products Affected

sunmochina

  • enterprise_management_system
CWE
NVD-CWE-Other CWE-276

Incorrect Default Permissions