CVE-2024-37346

Insufficient input validation vulnerability in the Absolute Secure Access Warehouse prior to 13.06

Description

There is an insufficient input validation vulnerability in the Warehouse component of Absolute Secure Access prior to 13.06. Attackers with system administrator permissions can impair the availability of certain elements of the Secure Access administrative UI by writing invalid data to the warehouse over the network. There is no loss of warehouse integrity or confidentiality, the security scope is unchanged. Loss of availability is high.

INFO

Published Date :

2024-06-20T16:51:37.265Z

Last Modified :

2024-08-02T03:50:55.993Z

Source :

Absolute

AFFECTED PRODUCTS

The following products are affected by CVE-2024-37346 vulnerability.

Vendors	Products
Absolute	Secure Access

REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2024-37346.

URL	Resource
https://www.absolute.com/platform/security-information/vulnerability-archive/secure-access-1306/cve-2024-37346/

CVSS Vulnerability Scoring System

V3.1

Detailed values of each vector for above chart.

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality Impact

Integrity Impact

Availability Impact