CVE-2024-45241

A traversal vulnerability in GeneralDocs.aspx in CentralSquare CryWolf (False Alarm Management) through 2024-08-09 allows unauthenticated attackers to read files outside of the working web directory via the rpt parameter, leading to the disclosure of sensitive information.
Configurations

No configuration.

History

26 Aug 2024, 16:35

Type Values Removed Values Added
CWE CWE-22
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 7.5

26 Aug 2024, 07:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-08-26 07:15

Updated : 2024-08-26 16:35


NVD link : CVE-2024-45241

Mitre link : CVE-2024-45241

CVE.ORG link : CVE-2024-45241


JSON object : View

Products Affected

No product.

CWE
CWE-22

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')