CVE-2024-4259

EPSS 0.51%
Veröffentlicht 03.09.2024 14:15:17
Zuletzt bearbeitet 03.06.2026 16:16:22
Quelle iletisim@usom.gov.tr
CVE-Watchlists
Login
Unerledigt
Login

Sensetive Data Exposure in SAMPAS's AKOS

Missing Authorization vulnerability in SAMPAŞ Holding AKOS (AkosCepVatandasService), SAMPAŞ Holding AKOS (TahsilatService) allows Collect Data as Provided by Users.


This issue affects AKOS (AkosCepVatandasService): before V2.0; AKOS (TahsilatService): before V1.0.7.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 5

NVD 1 VulnDex Vulnerability Enrichment 0

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Sambas ≫ Akos Version <= 2024-09-02

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.51%	0.391

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	9.8	3.9	5.9	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
iletisim@usom.gov.tr	6.9	0	0	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

CWE-862 Missing Authorization

The product does not perform an authorization check when an actor attempts to access a resource or perform an action.

https://www.usom.gov.tr/bildirim/tr-24-1377

Broken Link

https://siberguvenlik.gov.tr/guvenlik-bildirimleri/detay/tr-24-1377

https://nvd.nist.gov/vuln/detail/CVE-2024-4259

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2024-4259

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2024-4259

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2024-4259