ГлавнаяУязвимости → CVE-2024-2635
7.3высокая

CVE-2024-2635

Описание

The configuration pages available are not intended to be placed on an Internet facing web server, as they expose file paths to the client, who can be an attacker. Instead of rewriting these pages to avoid this vulnerability, they will be dismissed from future releases of Cegid Meta4 HR, as they do not offer product functionality

CVSS
Балл7.3 — высокая
ВекторCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Источники
https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-meta4-hr-cegidhttps://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-meta4-hr-cegid