NA
CVSSv3

CVE-2024-33329

CVSSv4: NA | CVSSv3: NA | CVSSv2: NA | VMScore: NA | EPSS: 0.00043 | KEV: Not Included
Published: 26/06/2024 Updated: 21/11/2024

Vulnerability Summary

A hardcoded privileged ID within Lumisxp v15.0.x to v16.1.x allows malicious users to bypass authentication and access internal pages and other sensitive information.

Exploits

LumisXP versions 150x through 161x have a hardcoded privileged identifier that allows attackers to bypass authentication and access internal pages and other sensitive information ...

Mailing Lists

=====[ Tempest Security Intelligence - ADV-6/2024 ]========================== LumisXP v150x to v161x Author: Rodolfo Tavares Tempest Security Intelligence - Recife, Pernambuco - Brazil =====[ Table of Contents]================================================== Overview Detailed description Timeline of disclosure Thanks & Acknowledgemen ...