Vulnerabilities > CVE-2024-0642 - Unspecified vulnerability in Cires21 Live Encoder 5.3

CVSS 9.8 - CRITICAL

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

network

low complexity

cires21

critical

NVD

Published: 2024-01-17

Updated: 2024-11-21

Summary

Inadequate access control in the C21 Live Encoder and Live Mosaic product, version 5.3. This vulnerability allows a remote attacker to access the application as an administrator user through the application endpoint, due to lack of proper credential management.

Vulnerable Configurations

Part	Description	Count
Application	Cires21 Cires21 Live Encoder 5.3	1

References

https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-cires21-products
https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-cires21-products