PT-2024-19185 · Dynamsoft · Dynamsoft Service
Published
2024-06-06
·
Updated
2025-03-18
·
CVE-2024-22074
CVSS v3.1
9.8
Critical
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Dynamsoft Service versions 1.0.516 through 1.3.0115
Dynamsoft Service versions 1.4.0618 through 1.4.1230
Dynamsoft Service versions 1.5.0625 through 1.5.3116
Dynamsoft Service versions 1.6.0428 through 1.6.1112
Dynamsoft Service versions 1.7.0330 through 1.7.2531
Dynamsoft Service versions 1.8.1025 through 1.8.2013
Description
The issue is related to Incorrect Access Control in Dynamsoft Service. This is fixed in versions 1.8.2014, 1.7.4212, 1.6.3212, 1.5.31212, 1.4.3212, and 1.3.3212.
Recommendations
For Dynamsoft Service versions 1.0.516 through 1.3.0115, update to version 1.3.3212.
For Dynamsoft Service versions 1.4.0618 through 1.4.1230, update to version 1.4.3212.
For Dynamsoft Service versions 1.5.0625 through 1.5.3116, update to version 1.5.31212.
For Dynamsoft Service versions 1.6.0428 through 1.6.1112, update to version 1.6.3212.
For Dynamsoft Service versions 1.7.0330 through 1.7.2531, update to version 1.7.4212.
For Dynamsoft Service versions 1.8.1025 through 1.8.2013, update to version 1.8.2014.
Fix
Improper Access Control
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Dynamsoft Service