External Parties Can Access Files or Directories Without Authorization
CVE-2024-38429

7.5HIGH

Key Information:

Vendor: Matrix
Status: Tafnit V8
Vendor: CVE Published:; 30 July 2024

What is CVE-2024-38429?

Matrix Tafnit v8 contains a vulnerability that results in files or directories being accessible to external parties. This security flaw could potentially allow malicious actors to gain unauthorized access to sensitive data, compromising the confidentiality and integrity of information. Proper security measures and updates are crucial for organizations using affected versions to mitigate risks associated with this exposure.

Affected Version(s)

Tafnit v8 All versions < 8.4.202

References

https://www.gov.il/en/Departments/faq/cve_advisories

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 30, 2024
Vulnerability Reserved
Jun 16, 2024

Credit

Gad Abuhatziera, Nimrod Bickels, Itay Cherdman - Sophtix Security LTD