How severe is CVE-2024-40395?

CVE-2024-40395 has a CVSS v3 score of 6.5 (MEDIUM).

CVE-2024-40395

Name: thingworx
Author: ptc

6.5MEDIUM

An Insecure Direct Object Reference (IDOR) in PTC ThingWorx v9.5.0 allows attackers to view sensitive information, including PII, regardless of access level.

Published: 8/27/2024Updated: 3/25/2025

Description

An Insecure Direct Object Reference (IDOR) in PTC ThingWorx v9.5.0 allows attackers to view sensitive information, including PII, regardless of access level.

AI AnalysisPowered by AI

Affected Products

ptcthingworx

9.5.0

References

https://pastebin.com/9dc4LYGA
Third Party Advisory