CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!
CVE-2024-50693: SunGrow iSolarCloud before the October 31, 2024 remediation is vulnerable to insecure direct object references (IDOR) via the userService API model.
Description
SunGrow iSolarCloud before the October 31, 2024 remediation is vulnerable to insecure direct object references (IDOR) via the userService API model.
Classification
CVE ID: CVE-2024-50693
Affected Products
Vendor: n/a
Product: n/a
Exploit Prediction Scoring System (EPSS)
EPSS Score: 0.04% (probability of being exploited)
EPSS Percentile: 8.41% (scored less or equal to compared to others)
EPSS Date: 2025-03-27 (when was this score calculated)
References
https://nvd.nist.gov/vuln/detail/CVE-2024-50693https://en.sungrowpower.com/security-notice-detail-2/6120