CVE-2024-6831

MEDIUM Year: 2024
CVSS v3 Score
4.4
Medium
Weakness Type
CWE-602
View all →

Vulnerability Description

Seth Fogie, member of AXIS Camera Station Pro Bug Bounty Program has found that it is possible to edit and/or remove views without the necessary permission due to a client-side-only check. Axis has released patched versions for the highlighted flaw. Please refer to the Axis security advisory for more information and solution.

Related Vulnerabilities

CVE-2024-42340

MEDIUM
CVSS:4.3(Medium)

CyberArk - CWE-602: Client-Side Enforcement of Server-Side Security

CWE-6022024

CVE-2024-52960

MEDIUM
CVSS:4.3(Medium)

A client-side enforcement of server-side security vulnerability [CWE-602] in Fortinet FortiSandbox version 5.0.0, 4.4.0 through 4.4.6 and before 4.2.7 allows an authenticated attacker with at least re...

CWE-6022024

CVE-2025-28168

MEDIUM
CVSS:4.3(Medium)

The Multiple File Upload add-on component 3.1.0 for OutSystems is vulnerable to Unrestricted File Upload. This occurs because file extension and size validations are enforced solely on the client side...

CWE-6022025

CVE-2023-20172

MEDIUM
CVSS:4.9(Medium)

Multiple vulnerabilities in Cisco Identity Services Engine (ISE) could allow an authenticated attacker to delete or read arbitrary files on the underlying operating system. To exploit these vulnerabil...

CWE-6022023

CVE-2023-39218

MEDIUM
CVSS:4.9(Medium)

Client-side enforcement of server-side security in Zoom clients before 5.14.10 may allow a privileged user to enable information disclosure via network access.

CWE-6022023

CVE-2024-20476

MEDIUM
CVSS:4.9(Medium)

A vulnerability in the web-based management interface of Cisco ISE could allow an authenticated, remote attacker to bypass the authorization mechanisms for specific file management functions. This vul...

CWE-6022024