Back

CVE-2024-38449

June 17, 2024, 7:15 p.m.

Received
CVE has been recently published to the CVE List and has been received by the NVD.

Products

KasmVNC

  • 1.3.1.230e50f7b89663316c70de7b0e3db6f6b9340489 and possibly earlier versions

Source

cve@mitre.org

Tags

cve@mitre.org
2024-06-17
CVE-2024-38449

CVE-2024-38449 details

Published : June 17, 2024, 7:15 p.m.
Last Modified : June 17, 2024, 7:15 p.m.

Description

A Directory Traversal vulnerability in KasmVNC 1.3.1.230e50f7b89663316c70de7b0e3db6f6b9340489 and possibly earlier versions allows remote authenticated attackers to browse parent directories and read the content of files outside the scope of the application.

CVSS Score

1 2 3 4 5 6 7 8 9 10

Weakness

Weakness Name Description

References

URL Source
https://github.com/kasmtech/KasmVNC/issues/254 cve@mitre.org
https://kasmweb.atlassian.net/servicedesk/customer/portal/3/topic/30ffee7f-4b85-4783-b118-6ae4fd8b0c52 cve@mitre.org
https://kasmweb.com/kasmvnc cve@mitre.org
This website uses the NVD API, but is not approved or certified by it.