PT-2025-32284 · Unknown · Openorange Business Framework
Published
2025-08-07
·
Updated
2025-08-29
·
CVE-2024-42048
CVSS v3.1
6.5
Medium
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
OpenOrange Business Framework version 1.15.5
Description
OpenOrange Business Framework versions 1.15.5 allows unprivileged users to write to the installation directory.
Recommendations
Restrict write access to the installation directory for unprivileged users.
Fix
LPE
Improper Access Control
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Openorange Business Framework