Today > | 16 High | 14 Medium vulnerabilities   -   You can now download lists of IOCs here!

CVE-2024-52958

Nov. 27, 2024, 6:15 a.m.

Tags

CWE-347
ART@zuso.ai
2024-11-27
CVE-2024-52958

Product(s) Impacted

iota C.ai Conversational Platform

  • 1.0.0
  • 2.1.3

Description

A improper verification of cryptographic signature vulnerability in plugin management in iota C.ai Conversational Platform from 1.0.0 through 2.1.3 allows remote authenticated users to load a malicious DLL via upload plugin function.

Weaknesses

CWE-347
Improper Verification of Cryptographic Signature

The product does not verify, or incorrectly verifies, the cryptographic signature for data.

CWE ID: 347

Date

Published: Nov. 27, 2024, 6:15 a.m.

Last Modified: Nov. 27, 2024, 6:15 a.m.

Status : Awaiting Analysis

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

ART@zuso.ai

References

https://zuso.ai/ ART@zuso.ai