CVE-2024-37774

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2024-37774

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-37774.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2024-37774

Published

2024-12-16T22:15:06.127Z

Modified

2026-03-12T05:08:38.727230Z

Severity

8.0 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H CVSS Calculator

Summary

[none]

Details

A Cross-Site Request Forgery (CSRF) in Sunbird DCIM dcTrack v9.1.2 allows authenticated attackers to escalate their privileges by forcing an Administrator user to perform sensitive requests in some admin screens.

References

Affected packages

Git /

Affected ranges

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-37774.json"

unresolved_ranges

[
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "9.1.2"
            }
        ]
    }
]