CVE-2024-4297 – The system configuration interface of HGiga iSherlock (including MailSherlock, …

29 April 2024

Vuln ID: CVE-2024-4297

Published: 2024-04-29 03:15:09.613

Description: The system configuration interface of HGiga iSherlock (including MailSherlock, SpamSherlock, AuditSherlock) fails to filter special characters in certain function parameters, allowing remote attackers with administrative privileges to exploit this vulnerability to download arbitrary system files.

Base Score: 4.9 – MEDIUM

Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N

Source: NVD.NIST.GOV

Date:

29 April 2024

Categorie(s):

NVD

Tag(s):

NVD

Anti-stalking feature to become part of Android 6.0+ and iOS 17.515 May 2024
US agencies issue warning about Black Basta ransomware gang15 May 2024
Microsoft lawyer to appear in House committee hearing on cybersecurity15 May 2024
Draft of 2025 defense bill includes mobile device cybersecurity evaluation15 May 2024
Cyber-Attack Disrupts Christie’s $840M Art Auctions15 May 2024