PT-2024-31103 · Menulux Information Technologies · Menulux Information Technologies Managment Portal

Published

2024-08-29

Updated

2025-10-14

CVE-2024-4428

CVSS v3.1

9.8

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Menulux Information Technologies Managment Portal versions through 21.05.2024

Description The issue is related to Improper Privilege Management, allowing the collection of data as provided by users.

Recommendations For Menulux Information Technologies Managment Portal versions through 21.05.2024, update to a version released after 21.05.2024 to resolve the issue. At the moment, there is no information about additional mitigation measures.

Fix

Missing Authentication

Missing Authorization

Improper Privilege Management

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-306CWE-862CWE-269

Related Identifiers

CVE-2024-4428

Affected Products

Menulux Information Technologies Managment Portal

CVE-2024-4428

Weakness Enumeration

Related Identifiers

Affected Products

References · 8