CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!
CVE-2024-50689: SunGrow iSolarCloud before the October 31, 2024 remediation is vulnerable to insecure direct object references (IDOR) via the orgService API model.
Description
SunGrow iSolarCloud before the October 31, 2024 remediation is vulnerable to insecure direct object references (IDOR) via the orgService API model.
Classification
CVE ID: CVE-2024-50689
Affected Products
Vendor: n/a
Product: n/a
Exploit Prediction Scoring System (EPSS)
EPSS Score: 0.04% (probability of being exploited)
EPSS Percentile: 8.41% (scored less or equal to compared to others)
EPSS Date: 2025-03-27 (when was this score calculated)
References
https://nvd.nist.gov/vuln/detail/CVE-2024-50689https://en.sungrowpower.com/security-notice-detail-2/6116