CVE-2024-11318
CVSS V2 None
CVSS V3 None
Description
An IDOR (Insecure Direct Object Reference) vulnerability has been discovered in AbsysNet, affecting version 2.3.1. This vulnerability could allow a remote attacker to obtain the session of an unauthenticated user by brute-force attacking the session identifier on the "/cgi-bin/ocap/" endpoint.
Overview
- CVE ID
- CVE-2024-11318
- Assigner
- INCIBE
- Vulnerability Status
- PUBLISHED
- Published Version
- 2024-11-18T13:47:19.215Z
- Last Modified Date
- 2024-11-18T14:08:35.909Z
Weakness Enumerations
References
| Reference URL | Reference Tags |
|---|---|
| https://www.incibe.es/en/incibe-cert/notices/aviso/idor-vulnerability-absysnet |
Sources
| Source Name | Source URL |
|---|---|
| NIST | https://nvd.nist.gov/vuln/detail/CVE-2024-11318 |
| MITRE | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11318 |
History
| Created | Old Value | New Value | Data Type | Notes |
|---|---|---|---|---|
| 2024-11-19 13:21:32 | Added to TrackCVE |