Auth bypass in N/a

CVE-2024-55579

An issue was discovered in Qlik Sense Enterprise for Windows before November 2024 IR. An unprivileged user with network access may be able to create connection objects that trigger execution of arbitrary EXE files. This is fixed in Novembe…

Vulnerability class: Broken Access Control

EPSS: 0.005 (37.6th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 8.8 (High). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H.

Affected products

  • N/a — versions n/a

Weakness classification (CWE)

References

Frequently asked questions

What is CVE-2024-55579?
CVE-2024-55579 is a high-severity vulnerability in N/a, classified under Incorrect Authorization. CVSS score: 8.8/10. Published 2024-12-09.
How severe is CVE-2024-55579?
High severity. CVSS v3 base score is 8.8 out of 10.