PT-2024-32001 · Unknown · Zonepoint For Windows
Nicolas Rodrigues
·
Published
2024-11-15
·
Updated
2024-11-25
·
CVE-2024-46467
CVSS v3.1
7.8
High
| Vector | AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
ZONEPOINT for Windows versions up to 2024.1
Description
The issue allows other users to access dedicated folders of ZONEPOINT for Windows by default, potentially misusing technical files and making them perform tasks with higher privileges.
Recommendations
For ZONEPOINT for Windows versions up to 2024.1, modify the configuration to prevent other users from accessing dedicated folders.
Fix
Incorrect Default Permissions
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Zonepoint For Windows