Tongda OA 2017 Vulnerability Analysis
CVE-2024-10599

7.5HIGH

Key Information:

Vendor

Tongda

Status
Oa 2017
Vendor
CVE Published:
31 October 2024

Badges

👾 Exploit Exists

What is CVE-2024-10599?

A vulnerability has been identified in Tongda OA versions up to 11.7 that permits remote attackers to manipulate processing of the file /inc/package_static_resources.php. This manipulation can lead to excessive resource consumption, which may impact the availability of affected systems. The exploit is publicly disclosed, allowing attackers the opportunity to initiate attacks, potentially leading to Denial of Service (DoS) conditions. Organizations utilizing the Tongda OA platform should assess their exposure and take appropriate measures to mitigate the associated risks.

Affected Version(s)

OA 2017 11.0

OA 2017 11.1

OA 2017 11.2

References

https://vuldb.com/?id.282611
vdb-entry
https://vuldb.com/?ctiid.282611
signaturepermissions-required
https://vuldb.com/?submit.433496
third-party-advisory

CVSS V3.1

Score:
7.5
Severity:
HIGH
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • 👾

    Exploit known to exist

  • Vulnerability published

  • Vulnerability Reserved

Credit

LVZC1 (VulDB User)
.