PT-2024-30393 · Unknown · Shared Files

Abdi Pranata

Published

2024-08-26

Updated

2024-09-18

CVE-2024-43230

CVSS v3.1

7.5

High

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions Shared Files versions 1.7.28 and earlier

Description The issue is related to the exposure of sensitive information to an unauthorized actor, specifically in the Shared Files – File Upload Form. This is a problem where sensitive data can be accessed by someone who should not have access to it.

Recommendations For versions 1.7.28 and earlier, upgrade to version 1.7.29 to remediate the issue. As a temporary workaround, consider restricting access to the Shared Files – File Upload Form until the upgrade is applied.

Fix

Information Disclosure

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-201CWE-200

Related Identifiers

CVE-2024-43230

Affected Products

Shared Files

PT-2024-30393 · Unknown · Shared Files

CVE-2024-43230

Weakness Enumeration

Related Identifiers

Affected Products

References · 7