go to Content
:::

TWCERT/CC Taiwan Computer Emergency Response Team/Coordination Center

:::
Date:
Font-stze:

The SYSCOM Group OMFLOW - Information Leakage

TVN ID TVN-202409017
CVE ID CVE-2024-8777
CVSS 7.5 (High)
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Affected Products OMFLOW from version 1.1.6.0 to 1.2.1.2
Description OMFLOW from The SYSCOM Group has an information leakage vulnerability, allowing unauthorized remote attackers to read arbitrary system configurations. If LDAP authentication is enabled, attackers can obtain plaintext credentials.
Solution Update to version 1.2.1.3 or later.
Credit Sideman (DEVCORE)
Public Date 2024-09-13
Top