Security Advisory

CVE-2024-57249

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-02-07 00:00:00

Last updated 2025-02-11 15:21:05

Assigner mitre

State PUBLISHED

Description

Incorrect Access Control in the Preview Function of Gleamtech FileVista 9.2.0.0 allows remote attackers to gain unauthorized access via exploiting a vulnerability in access control mechanisms by removing authentication-related HTTP headers, such as the Cookie header, in the request. This bypasses the authentication process and grants attackers access to sensitive image files without proper login credentials.

← Browse all CVEs View on cve.org ↗