Vulnerabilities > CVE-2024-38183 - Unspecified vulnerability in Microsoft Groupme

CVSS 8.8 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

network

low complexity

microsoft

NVD

Published: 2024-09-17

Updated: 2024-09-25

Summary

An improper access control vulnerability in GroupMe allows an a unauthenticated attacker to elevate privileges over a network by convincing a user to click on a malicious link.

Vulnerable Configurations

Part	Description	Count
Application	Microsoft Microsoft Groupme -	1

References

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38183