CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2024-38447

NATO NCI ANET 3.4.1 allows Insecure Direct Object Reference via a modified ID field in a request for a private draft report (that belongs to an arbitrary user).

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 31.5%

CVSS Severity

CVSS v3 Score 8.1

References

https://www.linkedin.com/pulse/idors-ncia-anet-v341-visionspace-technologies-hepxe
https://www.linkedin.com/pulse/idors-ncia-anet-v341-visionspace-technologies-hepxe

Products affected by CVE-2024-38447

Ncia » Advisor Network » Version: 3.4.1

cpe:2.3:a:ncia:advisor_network:3.4.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-38447

Products

Pricing

Contact Us