CVE-2024-9819

Published: Dec 17, 2024Modified: Jun 2, 2026Deferred

6.5

Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Exploitability: 2.8 / Impact: 3.6

Source: iletisim@usom.gov.tr (Secondary)

Description

Authorization Bypass Through User-Controlled Key vulnerability in NextGeography NG Analyser allows Functionality Misuse. This issue affects NG Analyser: before 2.2.711.

Related CWEs

CWE-639

Authorization Bypass Through User-Controlled Key

The system's authorization functionality does not prevent one user from gaining access to another user's data or record by modifying the key value identifying the data.

References (2)

https://siberguvenlik.gov.tr/guvenlik-bildirimleri/detay/tr-24-1889

Source: iletisim@usom.gov.tr

https://www.usom.gov.tr/bildirim/tr-24-1889

Source: iletisim@usom.gov.tr

Timeline

No history available yet.