FeedlyFeedly
CVEsCVEs
Threat IntelligenceThreat Intelligence
Threat IntelligenceThreat Intelligence
Log in
ChangelogChangelog
ChangelogChangelog
Log in
Log in
Start Free Trial
Start Free Trial
FeedlyFeedly
CVEsCVEs
Threat IntelligenceThreat Intelligence
Threat IntelligenceThreat Intelligence
Log in
ChangelogChangelog
ChangelogChangelog
Log in
Log in
Start Free Trial
Start Free Trial

CVE-2024-43272

Missing Authentication for Critical Function (CWE-306)

Published: Aug 19, 2024 / Updated: 3mo ago

010
CVSS 5.3EPSS 0.04%Medium
CVE info copied to clipboard

Missing Authentication for Critical Function vulnerability in icegram Icegram allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Icegram: from n/a through 3.1.24.

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Timeline

First Article

Feedly found the first article mentioning CVE-2024-43272. See article

Aug 19, 2024 at 6:22 PM / VulDB Updates
CVSS Estimate

Feedly estimated the CVSS score as HIGH

Aug 19, 2024 at 6:23 PM
Static CVE Timeline Graph

Affected Systems

Icegram/icegram
+null more

Attack Patterns

CAPEC-12: Choosing Message Identifier
+null more

News

Update Thu Sep 12 22:27:22 UTC 2024
Recent Commits to cve:main / 2mo
Update Thu Sep 12 22:27:22 UTC 2024
Wordfence Intelligence Weekly WordPress Vulnerability Report (August 12, 2024 to August 18, 2024)
Blog - Wordfence / 2mo
WordPress Plugins with Reported Vulnerabilities Last Week Please note that if you run the Wordfence plugin on your WordPress site, with the scanner enabled, you should’ve already been notified if your site was affected by any of these vulnerabilities.
CVE-2024-43272
Newest CVEs from Tenable / 3mo
Medium Severity Description Missing Authentication for Critical Function vulnerability in icegram Icegram allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Icegram: from n/a through 3.1.24. Read more at https://www.tenable.com/cve/CVE-2024-43272
NA - CVE-2024-43272 - Missing Authentication for Critical Function...
Security-Database Alerts Monitor : Last 100 Alerts / 3mo
Missing Authentication for Critical Function vulnerability in icegram Icegram allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Icegram: from n/a through 3.1.24.
CVE-2024-43272 WordPress Icegram Engage plugin <=3.1.24 - Unauthenticated Unpublished Campaign Viewer vulnerability
Vulners.com RSS Feed / 3mo
Missing Authentication for Critical Function vulnerability in icegram Icegram allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Icegram: from n/a through...
See 6 more articles and social media posts

CVSS V3.1

Attack Vector:Network
Attack Complexity:Low
Privileges Required:None
User Interaction:None
Scope:Unchanged
Confidentiality:Low
Integrity:None
Availability Impact:None

Categories

CVSS 5.3(34617)CWE-306(1267)

Be the first to know about critical vulnerabilities

Collect, analyze, and share vulnerability reports faster using AI

Feedly Threat Intelligence30-day free trial