CVE-2024-40404 | Cybele Software Thinfinity Workspace prior 7.0.2.113 Web Sockets Connection API Endpoint access control

Posted by Angelo Barbosa | Nov 14, 2024 | CVE

A vulnerability was found in Cybele Software Thinfinity Workspace. It has been classified as critical. Affected is an unknown function of the component Web Sockets Connection API Endpoint. The manipulation leads to improper access controls.

This vulnerability is traded as CVE-2024-40404. Access to the local network is required for this attack to succeed. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-40404 | Cybele Software Thinfinity Workspace prior 7.0.2.113 Web Sockets Connection API Endpoint access control

Related Posts

CVE-2024-49850 | Linux Kernel up to 6.1.112/6.6.53/6.10.12/6.11.1 bpf null pointer dereference

CVE-2024-9350 | DPD Baltic Shipping Plugin up to 1.2.83 on WordPress cross site scripting

CVE-2024-6438 | Hitout Carsale 1.0 OrderController.java orderBy sql injection (Issue 23)

CVE-2024-25980 | Moodle prior 4.3.3/4.1.9 H5P Attempts Report access control