CVE-2024-7015

Improper Authentication, Missing Authentication for Critical Function, Improper Authorization vulnerability in Profelis Informatics and Consulting PassBox allows Authentication Abuse.This issue affects PassBox: before v1.2.
Configurations

Configuration 1 (hide)

cpe:2.3:a:profelis:passbox:*:*:*:*:*:*:*:*

History

23 Sep 2024, 09:15

Type Values Removed Values Added
References
  • {'url': 'https://https://www.usom.gov.tr/bildirim/tr-24-1418', 'tags': ['Broken Link'], 'source': 'iletisim@usom.gov.tr'}
  • () https://www.usom.gov.tr/bildirim/tr-24-1418 -

17 Sep 2024, 17:59

Type Values Removed Values Added
References () https://https://www.usom.gov.tr/bildirim/tr-24-1418 - () https://https://www.usom.gov.tr/bildirim/tr-24-1418 - Broken Link
Summary
  • (es) Vulnerabilidad de autenticación incorrecta, autenticación faltante para funciones críticas y autorización incorrecta en Profelis Informatics and Consulting PassBox permite el abuso de autenticación. Este problema afecta a PassBox: antes de v1.2.
CPE cpe:2.3:a:profelis:passbox:*:*:*:*:*:*:*:*
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 9.8
First Time Profelis passbox
Profelis

09 Sep 2024, 14:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-09-09 14:15

Updated : 2024-09-23 09:15


NVD link : CVE-2024-7015

Mitre link : CVE-2024-7015

CVE.ORG link : CVE-2024-7015


JSON object : View

Products Affected

profelis

  • passbox
CWE
CWE-285

Improper Authorization

CWE-287

Improper Authentication

CWE-306

Missing Authentication for Critical Function