CVE-2024-46897 | THREATINT

Description

Incorrect permission assignment for critical resource issue exists in Exment v6.1.4 and earlier and Exment v5.0.11 and earlier. A logged-in user with the permission of table management may obtain and/or alter the information of the unauthorized table.

PUBLISHED Reserved 2024-10-03 | Published 2024-10-18 | Updated 2024-10-18 | Assigner jpcert

LOW: 3.8CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N

Problem types

Incorrect permission assignment for critical resource

Product status

v6.1.4 and earlier

affected

v5.0.11 and earlier

affected

References

exment.net/...respondence-version-6-1-5-and-5-0-12-released/

exment.net/docs/

jvn.jp/en/jp/JVN74538317/

cve.org (CVE-2024-46897)

nvd.nist.gov (CVE-2024-46897)

Download JSON