CVE-2024-50651

java_shop 1.0 is vulnerable to Incorrect Access Control, which allows attackers to obtain sensitive information of users with different IDs by modifying the ID parameter.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
6.5 MEDIUM
NETWORK
LOW
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
mitreCNA
---
---
CISA-ADPADP
6.5 MEDIUM
NETWORK
LOW
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 20%
VendorProductVersion
geeeeeeeekjava_shop
1.0
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://github.com/Yllxx03/CVE/blob/main/java_shop/BrokenAccessControl.md
https://github.com/Yllxx03/CVE/tree/main/CVE-2024-50651