CVE-2024-38886
CriticalCVSS 9.8Exploitation Probability (EPSS)
Elevated risk51th percentile - higher than 51% of all known CVEs
Summary
A vulnerability in Horizon Business Services Inc. Caterease versions 16.0.1.1663 through 24.0.1.2405 and possibly later allows a remote attacker to perform a Traffic Injection attack due to improper verification of the source of a communication channel.
Risk Assessment
An attacker can inject malicious traffic into the system's communication, potentially leading to data integrity compromise, impersonation of legitimate sources, or unauthorized operations.
Recommendation
Immediately update Caterease to the latest available version that includes a fix for this vulnerability. Until the update is applied, restrict system access to trusted networks and IP addresses only.
Original NVD description (English source)
An issue in Horizon Business Services Inc. Caterease 16.0.1.1663 through 24.0.1.2405 and possibly later versions, allows a remote attacker to perform a Traffic Injection attack due to improper verification of the source of a communication channel.

