CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2024-5675

Untrusted data deserialization vulnerability has been found in Mentor - Employee Portal, affecting version 3.83.35. This vulnerability could allow an attacker to execute arbitrary code, by injecting a malicious payload into the “ViewState” field.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 42.3%

CVSS Severity

CVSS v3 Score 10.0

References

https://www.incibe.es/en/incibe-cert/notices/aviso/unreliable-data-deserialization-vulnerability-mentor
https://www.incibe.es/en/incibe-cert/notices/aviso/unreliable-data-deserialization-vulnerability-mentor

Products affected by CVE-2024-5675

Summar » Mentor » Version: 3.83.35

cpe:2.3:a:summar:mentor:3.83.35

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-5675

Products

Pricing

Contact Us