CVE-2024-37131

Name of the Vulnerable Software and Affected Versions SCG Policy Manager, all versions

Description The issue is related to an overly permissive Cross-Origin Resource Policy (CORP) that could be exploited by a remote unauthenticated attacker. This could lead to the execution of malicious actions on the application in the context of the authenticated user.

Recommendations For SCG Policy Manager, all versions, consider restricting access to sensitive resources and implementing stricter CORP settings to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.