Vulnerabilities > CVE-2024-42677 - Unspecified vulnerability in Isellerpal Enterprise Resource Management System

CVSS 5.5 - MEDIUM

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

HIGH

Integrity impact

NONE

Availability impact

NONE

local

low complexity

isellerpal

NVD

Published: 2024-08-15

Updated: 2024-11-18

Summary

An issue in Huizhi enterprise resource management system v.1.0 and before allows a local attacker to obtain sensitive information via the /nssys/common/filehandle. Aspx component

Vulnerable Configurations

Part	Description	Count
Application	Isellerpal Isellerpal Enterprise Resource Management System *	1

References

https://github.com/WarmBrew/web_vul/blob/main/HZ-cve/HZlfi.md
https://github.com/WarmBrew/web_vul/blob/main/CVES/CVE-2024-42677.md