CVE-2024-36451

July 10, 2024, 7:15 a.m.

Received
CVE has been recently published to the CVE List and has been received by the NVD.

Products

Webmin

  • before 2.003

Source

vultures@jpcert.or.jp

Tags

CVE-2024-36451 details

Published : July 10, 2024, 7:15 a.m.
Last Modified : July 10, 2024, 7:15 a.m.

Description

Improper handling of insufficient permissions or privileges vulnerability exists in ajaxterm module of Webmin prior to 2.003. If this vulnerability is exploited, a console session may be hijacked by an unauthorized user. As a result, data within a system may be referred, a webpage may be altered, or a server may be permanently halted.

CVSS Score

1 2 3 4 5 6 7 8 9 10

Weakness

Weakness Name Description

References

URL Source
https://jvn.jp/en/jp/JVN81442045/ vultures@jpcert.or.jp
https://webmin.com/ vultures@jpcert.or.jp
This website uses the NVD API, but is not approved or certified by it.