PT-2024-3912 — Improper Authentication in Unknown Netcat 1C8 Cms

PT-2024-3912 · Unknown · Netcat 1C8 Cms

Published

2024-03-27

Updated

2024-03-27

CVSS v2.0

7.1

High

Vector

AV:N/AC:H/Au:N/C:C/I:C/A:N

Name of the Vulnerable Software and Affected Versions: Netcat 1C8 CMS (affected versions not specified)

Description: The issue is related to a weakness in the authentication procedure of the automatic data import function in the Netcat 1C8 CMS system. This weakness can be exploited by a remote attacker to bypass the HTTP Basic authentication process and gain unauthorized access to the data import function.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Improper Authentication

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-287

Related Identifiers

BDU:2024-04322

Affected Products

Netcat 1C8 Cms

PT-2024-3912 · Unknown · Netcat 1C8 Cms

Weakness Enumeration

Related Identifiers

Affected Products

References · 1