NVD Vulnerability Detail

Search Exploit, PoC

NVD脆弱性検索トップ

->

NVD Vulnerability Detail

CVE-2024-47071

Summary	OSS Endpoint Manager is an endpoint manager module for FreePBX. OSS Endpoint Manager module activation can allow authenticated web users unauthorized access to read system files with the permissions of the webserver process. This vulnerability is fixed in 14.0.4.
Publication Date	Oct. 2, 2024, 1:15 a.m.
Registration Date	Oct. 2, 2024, noon
Last Update	Oct. 4, 2024, 10:51 p.m.

Related information, measures and tools

No	URL	refsource	タグ
1	https://github.com/FreePBX/security-reporting/security/advisories/GHSA-x9wc-qjrc-j7ww
2	https://github.com/FreePBX-ContributedModules/endpointman/commit/bad70ca3de2166bbd24f273f7f212a8b2c92a719

Common Vulnerabilities List

No	CWE	Name	URL
1	CWE-22	パス・トラバーサル	https://cwe.mitre.org/data/definitions/22.html