Vulnerability Details CVE-2024-29842
The Web interface of Evolution Controller Versions 2.04.560.31.03.2024 and below contains poorly configured access control on DESKTOP_EDIT_USER_GET_ABACARD_FIELDS, allowing for an unauthenticated attacker to return the abacard field of any user
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 38.1%
CVSS Severity
CVSS v3 Score 7.5
References
Products affected by CVE-2024-29842
-
cpe:2.3:a:cs-technologies:evolution:2.04.290
-
cpe:2.3:a:cs-technologies:evolution:2.04.291
-
cpe:2.3:a:cs-technologies:evolution:2.04.292
-
cpe:2.3:a:cs-technologies:evolution:2.04.293
-
cpe:2.3:a:cs-technologies:evolution:2.04.294
-
cpe:2.3:a:cs-technologies:evolution:2.04.295
-
cpe:2.3:a:cs-technologies:evolution:2.04.296
-
cpe:2.3:a:cs-technologies:evolution:2.04.297
-
cpe:2.3:a:cs-technologies:evolution:2.04.298
-
cpe:2.3:a:cs-technologies:evolution:2.04.299
-
cpe:2.3:a:cs-technologies:evolution:2.04.300
-
cpe:2.3:a:cs-technologies:evolution:2.04.301
-
cpe:2.3:a:cs-technologies:evolution:2.04.302
-
cpe:2.3:a:cs-technologies:evolution:2.04.303
-
cpe:2.3:a:cs-technologies:evolution:2.04.304
-
cpe:2.3:a:cs-technologies:evolution:2.04.305
-
cpe:2.3:a:cs-technologies:evolution:2.04.306
-
cpe:2.3:a:cs-technologies:evolution:2.04.307
-
cpe:2.3:a:cs-technologies:evolution:2.04.308
-
cpe:2.3:a:cs-technologies:evolution:2.04.309
-
cpe:2.3:a:cs-technologies:evolution:2.04.310
-
cpe:2.3:a:cs-technologies:evolution:2.04.311
-
cpe:2.3:a:cs-technologies:evolution:2.04.312
-
cpe:2.3:a:cs-technologies:evolution:2.04.313
-
cpe:2.3:a:cs-technologies:evolution:2.04.314
-
cpe:2.3:a:cs-technologies:evolution:2.04.315
-
cpe:2.3:a:cs-technologies:evolution:2.04.316
-
cpe:2.3:a:cs-technologies:evolution:2.04.317
-
cpe:2.3:a:cs-technologies:evolution:2.04.318
-
cpe:2.3:a:cs-technologies:evolution:2.04.319
-
cpe:2.3:a:cs-technologies:evolution:2.04.320
-
cpe:2.3:a:cs-technologies:evolution:2.04.321
-
cpe:2.3:a:cs-technologies:evolution:2.04.322
-
cpe:2.3:a:cs-technologies:evolution:2.04.323
-
cpe:2.3:a:cs-technologies:evolution:2.04.324
-
cpe:2.3:a:cs-technologies:evolution:2.04.325
-
cpe:2.3:a:cs-technologies:evolution:2.04.326
-
cpe:2.3:a:cs-technologies:evolution:2.04.327
-
cpe:2.3:a:cs-technologies:evolution:2.04.328
-
cpe:2.3:a:cs-technologies:evolution:2.04.329
-
cpe:2.3:a:cs-technologies:evolution:2.04.330
-
cpe:2.3:a:cs-technologies:evolution:2.04.331
-
cpe:2.3:a:cs-technologies:evolution:2.04.332
-
cpe:2.3:a:cs-technologies:evolution:2.04.333
-
cpe:2.3:a:cs-technologies:evolution:2.04.334
-
cpe:2.3:a:cs-technologies:evolution:2.04.335
-
cpe:2.3:a:cs-technologies:evolution:2.04.336
-
cpe:2.3:a:cs-technologies:evolution:2.04.337
-
cpe:2.3:a:cs-technologies:evolution:2.04.338
-
cpe:2.3:a:cs-technologies:evolution:2.04.339
-
cpe:2.3:a:cs-technologies:evolution:2.04.340
-
cpe:2.3:a:cs-technologies:evolution:2.04.341
-
cpe:2.3:a:cs-technologies:evolution:2.04.342
-
cpe:2.3:a:cs-technologies:evolution:2.04.343
-
cpe:2.3:a:cs-technologies:evolution:2.04.344
-
cpe:2.3:a:cs-technologies:evolution:2.04.345
-
cpe:2.3:a:cs-technologies:evolution:2.04.346
-
cpe:2.3:a:cs-technologies:evolution:2.04.347
-
cpe:2.3:a:cs-technologies:evolution:2.04.348
-
cpe:2.3:a:cs-technologies:evolution:2.04.349
-
cpe:2.3:a:cs-technologies:evolution:2.04.350
-
cpe:2.3:a:cs-technologies:evolution:2.04.351
-
cpe:2.3:a:cs-technologies:evolution:2.04.352
-
cpe:2.3:a:cs-technologies:evolution:2.04.353
-
cpe:2.3:a:cs-technologies:evolution:2.04.354
-
cpe:2.3:a:cs-technologies:evolution:2.04.355
-
cpe:2.3:a:cs-technologies:evolution:2.04.356
-
cpe:2.3:a:cs-technologies:evolution:2.04.357
-
cpe:2.3:a:cs-technologies:evolution:2.04.358
-
cpe:2.3:a:cs-technologies:evolution:2.04.359
-
cpe:2.3:a:cs-technologies:evolution:2.04.360
-
cpe:2.3:a:cs-technologies:evolution:2.04.361
-
cpe:2.3:a:cs-technologies:evolution:2.04.362
-
cpe:2.3:a:cs-technologies:evolution:2.04.363
-
cpe:2.3:a:cs-technologies:evolution:2.04.364
-
cpe:2.3:a:cs-technologies:evolution:2.04.365
-
cpe:2.3:a:cs-technologies:evolution:2.04.366
-
cpe:2.3:a:cs-technologies:evolution:2.04.367
-
cpe:2.3:a:cs-technologies:evolution:2.04.368
-
cpe:2.3:a:cs-technologies:evolution:2.04.369
-
cpe:2.3:a:cs-technologies:evolution:2.04.370
-
cpe:2.3:a:cs-technologies:evolution:2.04.371
-
cpe:2.3:a:cs-technologies:evolution:2.04.372
-
cpe:2.3:a:cs-technologies:evolution:2.04.373
-
cpe:2.3:a:cs-technologies:evolution:2.04.374
-
cpe:2.3:a:cs-technologies:evolution:2.04.375
-
cpe:2.3:a:cs-technologies:evolution:2.04.376
-
cpe:2.3:a:cs-technologies:evolution:2.04.377
-
cpe:2.3:a:cs-technologies:evolution:2.04.378
-
cpe:2.3:a:cs-technologies:evolution:2.04.379
-
cpe:2.3:a:cs-technologies:evolution:2.04.380
-
cpe:2.3:a:cs-technologies:evolution:2.04.381
-
cpe:2.3:a:cs-technologies:evolution:2.04.382
-
cpe:2.3:a:cs-technologies:evolution:2.04.383
-
cpe:2.3:a:cs-technologies:evolution:2.04.384
-
cpe:2.3:a:cs-technologies:evolution:2.04.385
-
cpe:2.3:a:cs-technologies:evolution:2.04.386
-
cpe:2.3:a:cs-technologies:evolution:2.04.387
-
cpe:2.3:a:cs-technologies:evolution:2.04.388
-
cpe:2.3:a:cs-technologies:evolution:2.04.389
-
cpe:2.3:a:cs-technologies:evolution:2.04.390
-
cpe:2.3:a:cs-technologies:evolution:2.04.391
-
cpe:2.3:a:cs-technologies:evolution:2.04.392
-
cpe:2.3:a:cs-technologies:evolution:2.04.393
-
cpe:2.3:a:cs-technologies:evolution:2.04.394
-
cpe:2.3:a:cs-technologies:evolution:2.04.395
-
cpe:2.3:a:cs-technologies:evolution:2.04.396
-
cpe:2.3:a:cs-technologies:evolution:2.04.397
-
cpe:2.3:a:cs-technologies:evolution:2.04.398
-
cpe:2.3:a:cs-technologies:evolution:2.04.399
-
cpe:2.3:a:cs-technologies:evolution:2.04.400
-
cpe:2.3:a:cs-technologies:evolution:2.04.401
-
cpe:2.3:a:cs-technologies:evolution:2.04.402
-
cpe:2.3:a:cs-technologies:evolution:2.04.403
-
cpe:2.3:a:cs-technologies:evolution:2.04.404
-
cpe:2.3:a:cs-technologies:evolution:2.04.405
-
cpe:2.3:a:cs-technologies:evolution:2.04.406
-
cpe:2.3:a:cs-technologies:evolution:2.04.407
-
cpe:2.3:a:cs-technologies:evolution:2.04.408
-
cpe:2.3:a:cs-technologies:evolution:2.04.409
-
cpe:2.3:a:cs-technologies:evolution:2.04.410
-
cpe:2.3:a:cs-technologies:evolution:2.04.411
-
cpe:2.3:a:cs-technologies:evolution:2.04.412
-
cpe:2.3:a:cs-technologies:evolution:2.04.413
-
cpe:2.3:a:cs-technologies:evolution:2.04.414
-
cpe:2.3:a:cs-technologies:evolution:2.04.415
-
cpe:2.3:a:cs-technologies:evolution:2.04.416
-
cpe:2.3:a:cs-technologies:evolution:2.04.417
-
cpe:2.3:a:cs-technologies:evolution:2.04.418
-
cpe:2.3:a:cs-technologies:evolution:2.04.419
-
cpe:2.3:a:cs-technologies:evolution:2.04.420
-
cpe:2.3:a:cs-technologies:evolution:2.04.421
-
cpe:2.3:a:cs-technologies:evolution:2.04.422
-
cpe:2.3:a:cs-technologies:evolution:2.04.423
-
cpe:2.3:a:cs-technologies:evolution:2.04.424
-
cpe:2.3:a:cs-technologies:evolution:2.04.425
-
cpe:2.3:a:cs-technologies:evolution:2.04.426
-
cpe:2.3:a:cs-technologies:evolution:2.04.427
-
cpe:2.3:a:cs-technologies:evolution:2.04.428
-
cpe:2.3:a:cs-technologies:evolution:2.04.429
-
cpe:2.3:a:cs-technologies:evolution:2.04.430
-
cpe:2.3:a:cs-technologies:evolution:2.04.431
-
cpe:2.3:a:cs-technologies:evolution:2.04.432
-
cpe:2.3:a:cs-technologies:evolution:2.04.433
-
cpe:2.3:a:cs-technologies:evolution:2.04.434
-
cpe:2.3:a:cs-technologies:evolution:2.04.435
-
cpe:2.3:a:cs-technologies:evolution:2.04.436
-
cpe:2.3:a:cs-technologies:evolution:2.04.437
-
cpe:2.3:a:cs-technologies:evolution:2.04.438
-
cpe:2.3:a:cs-technologies:evolution:2.04.439
-
cpe:2.3:a:cs-technologies:evolution:2.04.440
-
cpe:2.3:a:cs-technologies:evolution:2.04.441
-
cpe:2.3:a:cs-technologies:evolution:2.04.442
-
cpe:2.3:a:cs-technologies:evolution:2.04.443
-
cpe:2.3:a:cs-technologies:evolution:2.04.444
-
cpe:2.3:a:cs-technologies:evolution:2.04.445
-
cpe:2.3:a:cs-technologies:evolution:2.04.446
-
cpe:2.3:a:cs-technologies:evolution:2.04.447
-
cpe:2.3:a:cs-technologies:evolution:2.04.448
-
cpe:2.3:a:cs-technologies:evolution:2.04.449
-
cpe:2.3:a:cs-technologies:evolution:2.04.550
-
cpe:2.3:a:cs-technologies:evolution:2.04.551
-
cpe:2.3:a:cs-technologies:evolution:2.04.552
-
cpe:2.3:a:cs-technologies:evolution:2.04.553
-
cpe:2.3:a:cs-technologies:evolution:2.04.554
-
cpe:2.3:a:cs-technologies:evolution:2.04.555
-
cpe:2.3:a:cs-technologies:evolution:2.04.556
-
cpe:2.3:a:cs-technologies:evolution:2.04.557
-
cpe:2.3:a:cs-technologies:evolution:2.04.558
-
cpe:2.3:a:cs-technologies:evolution:2.04.559
-
cpe:2.3:a:cs-technologies:evolution:2.04.560