CVE Catalog

CVE-2024-37210

MediumCVSS 6.5
Published: Updated: Translated: NVD NIST

Summary

AliNext has a missing authorization vulnerability that allows exploiting incorrectly configured access control security levels. This issue affects versions from n/a through 3.3.5.

Risk Assessment

Organizations may be exposed to unauthorized access to sensitive data, potentially leading to serious security breaches.

Recommendation

It is recommended to review and improve the configuration of access control security levels in AliNext to ensure proper user authorization.

Original NVD description (English source)

Missing Authorization vulnerability in ali2woo AliNext allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects AliNext: from n/a through 3.3.5.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS