cvedb.io
CVE-2024-9984
CRITICAL · CVSS 9.8
EPSS exploitation probability: 0%
Published 2024-10-15T09:15:04.480 · Last modified 2026-06-17T08:25:38.553

Summary

Enterprise Cloud Database from Ragic does not authenticate access to specific functionality, allowing unauthenticated remote attackers to use this functionality to obtain any user's session cookie.

Affected products

ragic — enterprise_cloud_database

Does this affect you?

Add your gear to cvedb and we'll alert you only when ragic ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.