CVE-2024-39703

CVSS V2 None CVSS V3 None
Description
In ThreatQuotient ThreatQ before 5.29.3, authenticated users are able to execute arbitrary commands by sending a crafted request to an API endpoint.
Overview
  • CVE ID
  • CVE-2024-39703
  • Assigner
  • mitre
  • Vulnerability Status
  • PUBLISHED
  • Published Version
  • 2024-12-18T00:00:00
  • Last Modified Date
  • 2024-12-18T15:14:01.729Z
Weakness Enumerations
CWE URL
CWE-77 http://cwe.mitre.org/data/definitions/77.html
References
Reference URL Reference Tags
https://threatq.freshdesk.com/helpdesk/tickets/10367
https://www.threatq.com/vulnerability-management/
https://www.cisa.gov/news-events/ics-advisories/icsa-24-352-01
Sources
Source Name Source URL
NIST https://nvd.nist.gov/vuln/detail/CVE-2024-39703
MITRE https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39703
History
Created Old Value New Value Data Type Notes
2024-12-19 13:31:45 Added to TrackCVE