CVE Catalog
CVE-2024-37210
MediumCVSS 6.5Summary
AliNext has a missing authorization vulnerability that allows exploiting incorrectly configured access control security levels. This issue affects versions from n/a through 3.3.5.
Risk Assessment
Organizations may be exposed to unauthorized access to sensitive data, potentially leading to serious security breaches.
Recommendation
It is recommended to review and improve the configuration of access control security levels in AliNext to ensure proper user authorization.
Original NVD description (English source)
Missing Authorization vulnerability in ali2woo AliNext allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects AliNext: from n/a through 3.3.5.

