CVE-2024-4296 – The account management interface of HGiga iSherlock (including MailSherlock, …

29 April 2024

Vuln ID: CVE-2024-4296

Published: 2024-04-29 02:15:06.153

Description: The account management interface of HGiga iSherlock (including MailSherlock, SpamSherlock, AuditSherlock) fails to filter special characters in certain function parameters, allowing remote attackers with administrative privileges to exploit this vulnerability to download arbitrary system files.

Base Score: 4.9 – MEDIUM

Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N

Source: NVD.NIST.GOV

Date:

29 April 2024

Categorie(s):

NVD

Tag(s):

NVD

Zscaler enhances AI data protection platform with new security innovations15 May 2024
Investigating lateral movements with Amazon Detective investigation and Security Lake integration14 May 2024
Microsoft fixes a bug abused in QakBot attacks plus a second under exploit14 May 2024
Unlocking cybersecurity excellence: The BISO’s vital role in safeguarding enterprises14 May 2024
FCC names and shames Royal Tiger AI robocall crew14 May 2024