cvedb.io
CVE-2024-4138
MEDIUM · CVSS 4.3
EPSS exploitation probability: 0%
Published 2024-05-14T16:17:32.570 · Last modified 2026-06-17T08:01:12.320

Summary

Manage Bank Statement ReProcessing Rules does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges. By exploiting this vulnerability, an attacker can enable/disable the sharing rule of other users affecting the integrity of the application. Confidentiality and Availability are not affected.

Does this affect you?

Add your gear to cvedb and we'll alert you only when a vendor you run ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.