Medium severity4.9NVD Advisory· Published Dec 27, 2024· Updated Jun 17, 2026
CVE-2024-54452
CVE-2024-54452
Description
An issue was discovered in Kurmi Provisioning Suite before 7.9.0.35 and 7.10.x through 7.10.0.18. A Directory Traversal and Local File Inclusion vulnerability in the logsSys.do page allows remote attackers (authenticated as administrators) to trigger the display of unintended files. Any file accessible to the Kurmi user account could be displayed, e.g., configuration files with information such as the database password.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1- Range: <7.9.0.35, 7.10.x through 7.10.0.18
Patches
Vulnerability mechanics
References
2News mentions
0No linked articles in our index yet.