CVE-2024-45321

Summary

CVE-2024-45321 affects the App::cpanminus package, specifically version 1.7047 for Perl, which downloads code using insecure HTTP. This vulnerability allows network attackers to execute arbitrary code, posing a critical risk with a CVSS score of 9.8 and high impacts on integrity, confidentiality, and availability. Remediation involves updating to a secure version of the App::cpanminus package that addresses this vulnerability. Organizations should take immediate action to protect their systems from potential exploitation due to the low attack complexity and lack of required user interaction for this vulnerability. Failure to remediate could lead to significant security breaches within an organization's infrastructure.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.