PT-2024-27191 · Zhejiang Land Zongheng Network Technology · O2Oa
Ting
·
Published
2024-04-12
·
Updated
2025-09-19
·
CVE-2024-3689
CVSS v3.1
5.9
Medium
| Vector | AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
Zhejiang Land Zongheng Network Technology O2OA up to 20240403
Description
A problematic vulnerability has been found, affecting an unknown function of the file /x portal assemble surface/jaxrs/portal/list?v=8.2.3-4-43f4fe3. This issue leads to information disclosure and can be exploited remotely, although the complexity of the attack is rather high and the exploitability is difficult.
Recommendations
For Zhejiang Land Zongheng Network Technology O2OA up to 20240403, at the moment, there is no information about a newer version that contains a fix for this vulnerability.
Exploit
Information Disclosure
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
O2Oa