CVE-2024-23537

Description

Improper Privilege Management vulnerability in Apache Fineract.This issue affects Apache Fineract: <1.8.5. Users are recommended to upgrade to version 1.9.0, which fixes the issue.

CVSS breakdown

CVSS 3.1

Attack Vector

Network

Attack Complexity

High

Privileges Required

Low

User Interaction

None

Scope

Changed

Confidentiality

High

Integrity

High

Availability

Low

Affected products

Apache Software Foundation / Apache Fineract0 – 1.9.0

References

MISChttps://cwiki.apache.org/confluence/display/FINERACT/Apache+Fineract+Security+Report
MAILING_LISThttps://lists.apache.org/thread/fq1ns4nprw2vqpkwwj9sw45jkwxmt9f1
MAILING_LISThttp://www.openwall.com/lists/oss-security/2024/03/29/1