Back

CVE-2024-3306

Sept. 12, 2024, 6:14 p.m.

Awaiting Analysis
CVE has been recently published to the CVE List and has been received by the NVD.

Products

SoliClub

  • before 4.4.0 for iOS
  • before 5.2.1 for Android

Source

iletisim@usom.gov.tr

Tags

CWE-639
iletisim@usom.gov.tr
2024-09-12
CVE-2024-3306

CVE-2024-3306 details

Published : Sept. 12, 2024, 1:15 p.m.
Last Modified : Sept. 12, 2024, 6:14 p.m.

Description

Authorization Bypass Through User-Controlled Key vulnerability in Utarit Information SoliClub allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects SoliClub: before 4.4.0 for iOS, before 5.2.1 for Android.

CVSS Score

1 2 3 4 5 6 7 8 9 10

Weakness

Weakness Name Description
CWE-639 Authorization Bypass Through User-Controlled Key The system's authorization functionality does not prevent one user from gaining access to another user's data or record by modifying the key value identifying the data.

References

URL Source
https://www.usom.gov.tr/bildirim/tr-24-1457 iletisim@usom.gov.tr
This website uses the NVD API, but is not approved or certified by it.