go to Content
:::

TWCERT/CC Taiwan Computer Emergency Response Team/Coordination Center

:::
Date:
Font-stze:

Sunnet eHRD CTMS - Authentication Bypass

TVN ID TVN-202410021
CVE ID CVE-2024-10438
CVSS 7.5 (High)
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Affected Products eHRD CTMS before version 10.14
Description The eHRD CTMS from Sunnet has an Authentication Bypass vulnerability, allowing unauthenticated remote attackers to bypass authentication by satisfying specific conditions in order to access certain functionalities.
Solution Please contact Sunnet for version updates or upgrades.
Credit Michael (DEVCORE)
Public Date 2024-10-28
Top