CVE-2024-44450

CVSS v3.1

5.4

Medium

Vector

AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N

Name of the Vulnerable Software and Affected Versions AIMS eCrew versions prior to JUN23 #190

Description Multiple functions in AIMS eCrew are vulnerable to Authorization Bypass. The issue was fixed in version JUN23 #190.

Recommendations For versions prior to JUN23 #190, update to version JUN23 #190 to resolve the issue. As a temporary workaround, consider restricting access to the vulnerable functions until the update is applied.

Fix

IDOR

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-639

Related Identifiers

CVE-2024-44450

Affected Products

Aims Ecrew

CVE-2024-44450

Weakness Enumeration

Related Identifiers

Affected Products

References · 5