Unsafe Access to User Session Cookies
CVE-2024-9984

9.8CRITICAL

Key Information:

Vendor: Ragic
Status: Enterprise Cloud Database
Vendor: CVE Published:; 15 October 2024

What is CVE-2024-9984?

Ragic's Enterprise Cloud Database exhibits a security flaw that fails to properly authenticate access to critical functionalities. This oversight permits unauthenticated remote attackers to exploit the vulnerability, allowing them to retrieve any user's session cookie. Such unauthorized access could potentially lead to session hijacking and compromise user data security. It is crucial for users to be aware of this vulnerability and apply patches to safeguard their data.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Enterprise Cloud Database 0 < 2024/08/08 09:45:25

References

https://www.twcert.org.tw/tw/cp-132-8150-c955a-1.html

third-party-advisory

https://www.twcert.org.tw/en/cp-139-8151-1a4b5-2.html

third-party-advisory

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Oct 15, 2024
Vulnerability Reserved
Oct 15, 2024

JSON

Ragic

What is CVE-2024-9984?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V3.1

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.