Vulnerability in Wvp-pro Gb28181

CVE-2024-36523

An access control issue in Wvp GB28181 Pro 2.0 allows users to continue to access information in the application after deleting their own or administrator accounts. This is provided that the users do not log out of their deleted accounts.

EPSS: 0.003 (25.6th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 6.5 (Medium). Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N.

Affected products

Weakness classification (CWE)

References

Frequently asked questions

What is CVE-2024-36523?
CVE-2024-36523 is a medium-severity vulnerability in Wvp-pro Gb28181, classified under Insufficient Session Expiration. CVSS score: 6.5/10. Published 2024-06-12.
How severe is CVE-2024-36523?
Medium severity. CVSS v3 base score is 6.5 out of 10.