go to Content
:::

TWCERT/CC Taiwan Computer Emergency Response Team/Coordination Center

:::
Date:
Font-stze:

The SYSCOM Group OMFLOW - Exposure of Sensitive Data

TVN ID TVN-202409026
CVE ID CVE-2024-8969
CVSS 6.5 (Medium) CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Affected Products OMFLOW version 1.2.0 and earlier.
Description OMFLOW from The SYSCOM Group has a vulnerability involving the exposure of sensitive data. This allows remote attackers who have logged into the system to obtain password hashes of all users and administrators.
Solution Update to version 1.2.1 or later.
Credit Kun Xian Lin (DEVCORE)
Public Date 2024-09-18
Top