CVE-2024-5618 | Incorrect Permission Assignment for Critical Resource vulner… | CVSS 9.9 CRITICAL

Description

Incorrect Permission Assignment for Critical Resource vulnerability in PruvaSoft Informatics Apinizer Management Console allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Apinizer Management Console: before 2024.05.1.

Metadata

CVE ID: CVE-2024-5618
State: PUBLISHED
Assigner: TR-CERT
Reserved: 2024-06-04 07:29 UTC
Published: 2024-07-18 16:28 UTC
Last updated: 2026-06-03 13:02 UTC
Primary CWE: CWE-732
CWE-732 Incorrect Permission Assignment for Critical Resourc…
Vendor / Product: PruvaSoft Informatics / Apinizer Management Console
Sources: cve.org · NVD

Severity & Metrics

9.9 CRITICAL CVSS 3.1

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

SSVC — CISA Coordinator

Exploitation: none
Automatable: no
Tech. Impact: total

Affected products (1)

Vendor	Product	Platform	Versions
PruvaSoft Informatics	Apinizer Management Console	—	0 < 2024.05.1

Weakness (CWE)

CWE	Source	Description
CWE-732	cna	CWE-732 Incorrect Permission Assignment for Critical Resource

CVSS scores (1)

Score	Severity	Version	Source	Vector
9.9	CRITICAL	3.1	cna	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

References (2)