CVE-2024-8040

Name of the Vulnerable Software and Affected Versions: 3DSwym in 3DSwymer on Release 3DEXPERIENCE R2024x

Description: The issue is an authorization bypass through a user-controlled key vulnerability. This allows an authenticated attacker to access some unauthorized data. The vulnerability is related to the 3DSwym component in the 3DSwymer on Release 3DEXPERIENCE R2024x.

Recommendations: As a temporary workaround, consider restricting access to sensitive data until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.