Vulnerabilities > CVE-2024-38462 - Unspecified vulnerability in Irods 4.1.10/4.2.0

047910
CVSS 9.8 - CRITICAL
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
HIGH
Integrity impact
HIGH
Availability impact
HIGH
network
low complexity
irods
critical
NVD
Published: 2024-06-16
Updated: 2024-11-21

Summary

iRODS before 4.3.2 provides an msiSendMail function with a problematic dependency on the mail binary, such as in the mailMS.cpp#L94-L106 reference.

Vulnerable Configurations

Part Description Count
Application
Irods
3

References