How severe is CVE-2024-49071?

CVE-2024-49071 has a CVSS v3 score of 6.5 (MEDIUM).

CVE-2024-49071

Name: defender_for_endpoint
Author: microsoft

6.5MEDIUM

Improper authorization of an index that contains sensitive information from a Global Files search in Windows Defender allows an authorized attacker to disclose information over a network.

Publicado: 12/12/2024Actualizado: 1/10/2025

Descripción

Improper authorization of an index that contains sensitive information from a Global Files search in Windows Defender allows an authorized attacker to disclose information over a network.

Análisis IAImpulsado por IA

Productos Afectados

microsoftdefender_for_endpoint

Referencias

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-49071
Vendor Advisory