CVE-2024-10469: CERT/CC VINCE versions before 3.0.9 allows authenticated user to access User Management view.
0.0
CVSS
Description
VINCE versions before 3.0.9 is vulnerable to exposure of User information to authenticated users.
Classification
CVE ID: CVE-2024-10469
CVSS Base Severity: LOW
CVSS Base Score: 0.0
Affected Products
Vendor: CERT/CC
Product: VINCE
Exploit Prediction Scoring System (EPSS)
EPSS Score: 0.05% (probability of being exploited)
EPSS Percentile: 20.6% (scored less or equal to compared to others)
EPSS Date: 2025-02-03 (when was this score calculated)