How severe is CVE-2024-4692?

This vulnerability has a severity rating of LOW with a CVSS score of 2.4 out of 10.

What type of vulnerability is CVE-2024-4692?

This is classified as CWE-280, which is a common weakness in software security.

CVE-2024-4692 - LOW Severity | CVSS 2.4

Vulnerability Description

Improper Validation of Specified Quantity in Input vulnerability in OpenText OpenText Application Automation Tools allows Exploiting Incorrectly Configured Access Control Security Levels. Multiple missing permission checks - Service Virtualization config has been discovered in in OpenText Application Automation Tools. The vulnerability could allow users with Overall/Read permission to enumerate Service Virtualization server names. This issue affects OpenText Application Automation Tools: 24.1.0 and below.

Related Vulnerabilities

CVE-2024-4211

LOW

CVSS:2.4(Low)

CWE-2802024

CVE-2024-29852

LOW

CVSS:2.7(Low)

Veeam Backup Enterprise Manager allows high-privileged users to read backup session logs.

CWE-2802024

CVE-2024-32882

LOW

CVSS:2.7(Low)

Wagtail is an open source content management system built on Django. In affected versions if a model has been made available for editing through the `wagtail.contrib.settings` module or `ModelViewSet`...

CWE-2802024

CVE-2024-42194

LOW

CVSS:3.1(Low)

An improper handling of insufficient permissions or privileges affects HCL BigFix Inventory. An attacker having access via a read-only account can possibly change certain configuration parameters by c...

CWE-2802024

CVE-2022-39872

LOW

CVSS:3.3(Low)

Improper restriction of broadcasting Intent in ShareLive prior to version 13.2.03.5 leaks MAC address of the connected Bluetooth device.

CWE-2802022

CVE-2022-39885

LOW

CVSS:3.3(Low)

Improper access control vulnerability in BootCompletedReceiver_CMCC in DeviceManagement prior to SMR Nov-2022 Release 1 allows local attacker to access to Device information.

CWE-2802022