OMFLOW from The SYSCOM Group does not properly restrict the query range of its data query functionality, allowing remote attackers with regular privileges to obtain accounts and password hashes of other users.
References
Link | Resource |
---|---|
https://www.twcert.org.tw/en/cp-139-8078-36fc9-2.html | Third Party Advisory |
https://www.twcert.org.tw/tw/cp-132-8077-7a7c0-1.html | Third Party Advisory |
Configurations
History
20 Sep 2024, 14:35
Type | Values Removed | Values Added |
---|---|---|
First Time |
Syscomgo omflow
Syscomgo |
|
CPE | cpe:2.3:a:syscomgo:omflow:*:*:*:*:*:*:*:* | |
CWE | NVD-CWE-noinfo | |
References | () https://www.twcert.org.tw/en/cp-139-8078-36fc9-2.html - Third Party Advisory | |
References | () https://www.twcert.org.tw/tw/cp-132-8077-7a7c0-1.html - Third Party Advisory |
16 Sep 2024, 15:30
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
16 Sep 2024, 06:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-09-16 06:15
Updated : 2024-09-20 14:35
NVD link : CVE-2024-8780
Mitre link : CVE-2024-8780
CVE.ORG link : CVE-2024-8780
JSON object : View
Products Affected
syscomgo
- omflow
CWE