CVE-2024-8777

Summary

CVE-2024-8777 is a high-severity information leakage vulnerability affecting OMFLOW products from The SYSCOM Group, which allows unauthorized remote attackers to access arbitrary system configurations. If LDAP authentication is enabled, attackers can potentially retrieve plaintext credentials, posing a significant risk to organizational security. The vulnerability has an exploitability score of 3.9 and a base score of 7.5, indicating a low attack complexity with no required privileges or user interaction for exploitation. To remediate this vulnerability, organizations should disable LDAP authentication if not needed and monitor system configurations closely. The potential impact includes high confidentiality risks due to the exposure of sensitive information.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.