CVE-2024-4894

CVSS 3.1 Score 5.3 of 10 (medium)

Details

Published May 15, 2024

CWE ID 918

Summary

CVE-2024-4894 is a newly disclosed vulnerability affecting ITPison OMICARD EDM. The issue stems from the software's failure to adequately filter specific URL parameters, leading to Server-Side Request Forgery (SSRF) vulnerabilities. Unauthenticated attackers can exploit this flaw to modify parameters and induce the software to make unintended requests to internal servers, potentially gaining access to sensitive network information.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

OMICARD EDM

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/v7hMTo
https://www.cve.org/CVERecord?id=CVE-2024-4894
https://nvd.nist.gov/vuln/detail/CVE-2024-4894

Back to Vulnerability Database

CVE-2024-4894

CVSS 3.1 Score 5.3 of 10 (medium)

Details

Summary

Affected Products

Advisories, Assessments, and Mitigations