PT-2024-23222 · Privx · Privx
Published
2024-08-06
·
Updated
2024-08-12
·
CVE-2024-30170
CVSS v3.1
9.1
Critical
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
PrivX versions prior to 34.0
Description
The issue allows data exfiltration and denial of service via the REST API.
Recommendations
For versions prior to 34.0, update to version 34.0 or later to resolve the issue.
Alternatively, for earlier major versions, update to minor versions 33.1, 32.3, or 31.3, or later, to fix the problem.
Exploit
Fix
Resource Exhaustion
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Privx