CVE-2024-1343

CVSS 3.1 Score 4.7 of 10 (medium)

Details

Published Feb 19, 2024

Updated: Feb 20, 2024

CWE ID 284

Summary

CVE-2024-1343 is a vulnerability affecting LaborOfficeFree version 19.10. This issue involves weak permissions in the backup directory, where any authenticated user can access backup files located in the '_programfiles(x86)% LaborOfficeFree BackUp'_ directory. This represents a privacy risk, as sensitive data from the backup files may be readable by unintended users. It is crucial for users to update their software to a patched version to mitigate this vulnerability.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/ucfsYZ
https://www.cve.org/CVERecord?id=CVE-2024-1343
https://nvd.nist.gov/vuln/detail/CVE-2024-1343

Back to Vulnerability Database

CVE-2024-1343

CVSS 3.1 Score 4.7 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations