TROYANOSYVIRUS
Voltar para CVEs

CVE-2024-48352

HIGH
7.5

Descricao

Yealink Meeting Server before V26.0.0.67 is vulnerable to sensitive data exposure in the server response via sending HTTP request with enterprise ID.

Detalhes CVE

Pontuacao CVSS v3.17.5
SeveridadeHIGH
Vetor CVSSCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Vetor de ataqueNETWORK
ComplexidadeLOW
Privilegios necessariosNONE
Interacao do usuarioNONE
Publicado11/1/2024
Ultima modificacao11/5/2024
Fontenvd
Avistamentos honeypot0

Produtos afetados

yealink:yealink_meeting_server

Fraquezas (CWE)

CWE-922

Referencias

http://yealink.com(cve@mitre.org)
https://www.yealink.com/en/trust-center/security-advisories/e5c848c55b894231(cve@mitre.org)

Correlacoes IOC

Sem correlacoes registradas

This product uses data from the NVD API but is not endorsed or certified by the NVD.