Today > vulnerabilities   -   You can now download lists of IOCs here!

CVE-2024-4423

May 14, 2024, 4:11 p.m.

Tags

cvd@cert.pl
CWE-89
2024-05-14
CVE-2024-4423

Product(s) Impacted

CemiPark software

  • 4.5
  • 4.7
  • 5.03

Description

The access control in CemiPark software does not properly validate user-entered data, which allows the authentication bypass. An attacker who has network access to the login panel can log in with administrator rights to the application.This issue affects CemiPark software: 4.5, 4.7, 5.03 and potentially others. The vendor refused to provide the specific range of affected products.

Weaknesses

Date

Published: May 14, 2024, 3:43 p.m.

Last Modified: May 14, 2024, 4:11 p.m.

Status : Awaiting Analysis

CVE has been marked for Analysis. Normally once in this state the CVE will be analyzed by NVD staff within 24 hours.

More info

Source

cvd@cert.pl

References

http://cemi.pl/ cvd@cert.pl
https://cert.pl/ cvd@cert.pl
https://cert.pl/ cvd@cert.pl