CVE-2024-28200

CVSS v3.1

9.8

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions N-central versions prior to 2024.2

Description The issue concerns an authentication bypass of the user interface. It was discovered through an internal source code review, and there have been no observed exploitations in the wild.

Recommendations For versions prior to 2024.2, update to version 2024.2 or later to resolve the issue. As a temporary workaround, consider restricting access to the user interface until the update can be applied.

Fix

Authentication Bypass Using an Alternate Path or Channel

Improper Authentication

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-288CWE-287

Related Identifiers

CVE-2024-28200

Affected Products

N-Central

CVE-2024-28200

Weakness Enumeration

Related Identifiers

Affected Products

References · 7