CVE-2024-50618

Name of the Vulnerable Software and Affected Versions CIPPlanner CIPAce versions prior to 9.17

Description A weakness exists in the Authentication component of CIPPlanner CIPAce that allows attackers to bypass a security measure. Specifically, the system’s reliance on single-factor authentication presents a risk. If the secret associated with this authentication method is compromised, an attacker could potentially gain full authentication, particularly when the system is configured to permit login with internal accounts.

Recommendations Update to version 9.17 or later.