PT-2024-25463 · Havelsan · Havelsan Inc. Dialogue
Published
2024-04-29
·
Updated
2024-09-26
·
CVE-2024-3375
CVSS v3.1
9.4
Critical
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:H |
Name of the Vulnerable Software and Affected Versions
Havelsan Inc. Dialogue versions 1.83 through 1.83.1
Havelsan Inc. Dialogue version 1.84
Description
The issue is related to an Incorrect Permission Assignment for Critical Resource vulnerability, which allows accessing functionality not properly constrained by ACLs.
Recommendations
For Havelsan Inc. Dialogue versions 1.83 through 1.83.1, update to version 1.83.1 or later to resolve the issue.
For Havelsan Inc. Dialogue version 1.84, update to a version later than 1.84 to resolve the issue.
As a temporary workaround, consider restricting access to critical resources until a patch is available.
Fix
Incorrect Permission
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Havelsan Inc. Dialogue