CVE-2024-37346

Name of the Vulnerable Software and Affected Versions Absolute Secure Access versions prior to 13.06

Description The issue is related to insufficient input validation in the Warehouse component. Attackers with system administrator permissions can impair the availability of certain elements of the Secure Access administrative UI by writing invalid data to the warehouse over the network. There is no loss of warehouse integrity or confidentiality. The loss of availability is high.

Recommendations For versions prior to 13.06, update to version 13.06 as soon as possible to safeguard the system. As a temporary workaround, consider restricting access to the Warehouse component to minimize the risk of exploitation.