How severe is CVE-2024-7399?

CVE-2024-7399 has a CVSS v3 score of 8.8 (HIGH).

CVE-2024-7399

Name: magicinfo_9_server
Author: samsung

8.8HIGH

Improper limitation of a pathname to a restricted directory vulnerability in Samsung MagicINFO 9 Server version before 21.1050 allows attackers to write arbitrary file as system authority.

Veröffentlicht: 8/12/2024Aktualisiert: 8/13/2024

CISA Bekannte Ausgenutzte Schwachstelle

Samsung MagicINFO 9 Server contains a path traversal vulnerability that could allow an attacker to write arbitrary files as system authority.

Erforderliche Maßnahme:

Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Fälligkeitsdatum:

2026-05-08

Beschreibung

Improper limitation of a pathname to a restricted directory vulnerability in Samsung MagicINFO 9 Server version before 21.1050 allows attackers to write arbitrary file as system authority.

CVE-2024-7399

Improper limitation of a pathname to a restricted directory vulnerability in Samsung MagicINFO 9 Server version before 21.1050 allows attackers to write arbitrary file as system authority.

CISA Bekannte Ausgenutzte Schwachstelle

Beschreibung

KI-AnalyseKI-gestützt

Betroffene Produkte

Referenzen