UVDesk Community Helpdesk Improper Privilege Management · CVE-2024-3137 · GitHub Advisory Database · GitHub

UVDesk Community Helpdesk Improper Privilege Management

High severity GitHub Reviewed Published Apr 2, 2024 to the GitHub Advisory Database • Updated Apr 2, 2024

Package

uvdesk/core-framework (Composer)

Affected versions

<= 1.1.1

Patched versions

None

Description

Improper Privilege Management in uvdesk/community-skeleton

References

Published by the National Vulnerability Database

Apr 2, 2024

Published to the GitHub Advisory Database Apr 2, 2024

Reviewed Apr 2, 2024

Last updated Apr 2, 2024

Severity

High

/ 10

CVSS v3 base metrics

Attack vector

Network

Attack complexity

Low

Privileges required

Low

User interaction

None

Scope

Unchanged

Confidentiality

Low

Integrity

High

Availability

None

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N