How severe is CVE-2024-40395?

CVE-2024-40395 has a CVSS v3 score of 6.5 (MEDIUM).

CVE-2024-40395

Name: thingworx
Author: ptc

6.5MEDIUM

An Insecure Direct Object Reference (IDOR) in PTC ThingWorx v9.5.0 allows attackers to view sensitive information, including PII, regardless of access level.

Publicado: 8/27/2024Actualizado: 3/25/2025

Descripción

An Insecure Direct Object Reference (IDOR) in PTC ThingWorx v9.5.0 allows attackers to view sensitive information, including PII, regardless of access level.

Análisis IAImpulsado por IA

Productos Afectados

ptcthingworx

9.5.0

Referencias

https://pastebin.com/9dc4LYGA
Third Party Advisory