Main Vulnerability Database SB2024022933

SB2024022933 - Protection Mechanism Failure in RevoWorks

Published: February 29, 2024

Security Bulletin ID SB2024022933

CSH Severity

Low

Patch available

YES

Number of vulnerabilities 1

Exploitation vector Remote access

Highest impact Data manipulation

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 1 vulnerability.

1) Protection Mechanism Failure (CVE-ID: CVE-2024-25091)

CWE-ID: CWE-693 - Protection Mechanism Failure

CVSSv4: CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear

The vulnerability allows a remote attacker to bypass implemented security restrictions.

The vulnerability exists due to insufficient implementation of security measures. An attacker can bypass implemented security restrictions and elevate privileges on the system.

Remediation

Install update from vendor's website.

References

https://jvn.jp/en/jp/JVN35928117/index.html
https://jscom.jp/news-20240229/