PT-2025-3257 · Posimyth · Posimyth Nexter Blocks

Khalid Yusuf

Publicado

2025-01-07

Atualizado

2025-01-07

CVE-2024-56294

CVSS v3.1

6.4

Média

Vetor

AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:L

Name of the Vulnerable Software and Affected Versions POSIMYTH Nexter Blocks versions 4.0.7 and earlier

Description The issue is related to a Missing Authorization vulnerability in POSIMYTH Nexter Blocks, which allows exploiting incorrectly configured access control security levels.

Recommendations For versions 4.0.7 and earlier, update to a version that fixes the Missing Authorization vulnerability. As a temporary workaround, consider restricting access to sensitive areas of the application to minimize the risk of exploitation.

Correção

Missing Authorization

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-862

Identificadores relacionados

CVE-2024-56294

Produtos afetados

Posimyth Nexter Blocks

PT-2025-3257 · Posimyth · Posimyth Nexter Blocks

CVE-2024-56294

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 4