How severe is CVE-2024-49071?

CVE-2024-49071 has a CVSS v3 score of 6.5 (MEDIUM).

CVE-2024-49071

Name: defender_for_endpoint
Author: microsoft

6.5MEDIUM

Improper authorization of an index that contains sensitive information from a Global Files search in Windows Defender allows an authorized attacker to disclose information over a network.

Published: 12/12/2024Updated: 1/10/2025

Description

Improper authorization of an index that contains sensitive information from a Global Files search in Windows Defender allows an authorized attacker to disclose information over a network.

AI AnalysisPowered by AI

Affected Products

microsoftdefender_for_endpoint

References

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-49071
Vendor Advisory