CVE-2024-12367

Summary

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Vegagrup Software Vega Master allows Directory Indexing.

This issue affects Vega Master: from v.1.12.35 through 20250916. 

NOTE: The vendor did not inform about the completion of the fixing process within the specified time. The CVE will be updated when new information becomes available.

Affected Software

VendorProductVersion RangeStatus
Vegagrup SoftwareVega Masterv.1.12.35 <= 20250916affected

Weaknesses

  • CWE-497: CWE-497 Exposure of Sensitive System Information to an Unauthorized Control Sphere

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References