Decision Suite

CVEs (2)

CVE	Vendor / Product	Sev	Risk	CVSS	EPSS	KEV	Published	Description
CVE-2024-36427	TARGIT Decision Suite	Hig	0.53	8.1	0.01		May 29, 2024	The file-serving function in TARGIT Decision Suite before 24.06.19002 (TARGIT Decision Suite 2024 – June) allows authenticated attackers to read or write to server files via a crafted file request. This can allow code execution via a .xview file.
CVE-2024-36426	TARGIT Decision Suite	Hig	0.49	7.5	0.00		May 27, 2024	In TARGIT Decision Suite 23.2.15007.0 before Autumn 2023, the session token is part of the URL and may be sent in a cleartext HTTP session.

CVE-2024-36427HigMay 29, 2024
TARGIT
Decision Suite
risk 0.53cvss 8.1epss 0.01
The file-serving function in TARGIT Decision Suite before 24.06.19002 (TARGIT Decision Suite 2024 – June) allows authenticated attackers to read or write to server files via a crafted file request. This can allow code execution via a .xview file.
CVE-2024-36426HigMay 27, 2024
TARGIT
Decision Suite
risk 0.49cvss 7.5epss 0.00
In TARGIT Decision Suite 23.2.15007.0 before Autumn 2023, the session token is part of the URL and may be sent in a cleartext HTTP session.