CVE-2024-3784

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Apr 15, 2024
CWE ID 89

Summary

CVE-2024-3784 is a newly identified vulnerability affecting WBSAirback version 21.02.04. This issue stems from a failure to properly handle Server-Side Includes (SSIs) within the /admin/CloudAccounts endpoint. An attacker can exploit this vulnerability remotely and execute arbitrary code through S3 Accounts. Organizations using the affected WBSAirback version are urged to update their software as soon as possible to mitigate this potential security risk.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share