Unrated severityNVD Advisory· Published Nov 13, 2024· Updated Nov 25, 2024

CVE-2024-40408

Description

Cybele Software Thinfinity Workspace before v7.0.2.113 was discovered to contain an access control issue in the Create Profile section. This vulnerability allows attackers to create arbitrary user profiles with elevated privileges.

Affected products

Cybele Software/Thinfinity Workspacedescription
Cybele Software/Thinfinity Workspacellm-fuzzy
Range: <7.0.2.113

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

blog.cybelesoft.com/thinfinity-workspace-security-bulletin-nov-2024/mitre

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000