Critical severity9.8NVD Advisory· Published Jun 27, 2024· Updated Apr 15, 2026

CVE-2024-39669

Description

In the Console in Soffid IAM before 3.5.39, necessary checks were not applied to some Java objects. A malicious agent could possibly execute arbitrary code in the Sync Server and compromise security.

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

bookstack.soffid.com/books/security-advisories/page/cve-2024-39669nvd

News mentions

No linked articles in our index yet.

cvss	0.637
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000