VYPR
Unrated severityNVD Advisory· Published Sep 24, 2024· Updated Sep 24, 2024

CVE-2024-46607

CVE-2024-46607

Description

Incorrect access control in IceCMS v3.4.7 and before allows attackers to authenticate by entering any arbitrary values as the username and password via the loginAdmin method in the UserController.java file.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.