PT-2024-36649 · Torod · Torod
Mika
·
Published
2024-12-31
·
Updated
2024-12-31
·
CVE-2024-55995
CVSS v3.1
6.5
Medium
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L |
Name of the Vulnerable Software and Affected Versions
Torod versions n/a through 1.7
Description
The issue is caused by incorrectly configured access control security levels, allowing exploitation of missing authorization. This enables unauthorized access via misconfigured controls.
Recommendations
For Torod versions n/a through 1.7, consider reconfiguring access control security levels to properly restrict access and mitigate the risk of exploitation. As a temporary workaround, review and adjust the existing security settings to ensure correct authorization is enforced.
Fix
Missing Authorization
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Torod