CVE-2024-21667
Summary
| CVE | CVE-2024-21667 |
|---|---|
| State | PUBLISHED |
| Assigner | Unknown |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2024-01-11 01:15:00 UTC |
| Updated | 2024-01-18 13:12:00 UTC |
| Description | Description unavailable. |
Risk And Classification
Problem Types: CWE-284
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Pimcore | Customer Management Framework | All | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| Improper Access Control allows unprivileged user to access GDPR extracts · Advisory · pimcore/customer-data-framework · GitHub | github.com | Exploit, Vendor Advisory | |
| [Bug]: Fix GDPR search-data-objects permission (#525) · pimcore/customer-data-framework@6c34515 · GitHub | github.com | Patch | |
| github.com/pimcore/customer-data-framework/blob/b4af625ef327c58d05ef7cdf... | github.com | Issue Tracking | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.