Auth bypass in N/a
CVE-2024-55579
An issue was discovered in Qlik Sense Enterprise for Windows before November 2024 IR. An unprivileged user with network access may be able to create connection objects that trigger execution of arbitrary EXE files. This is fixed in Novembe…
Vulnerability class: Broken Access Control
EPSS: 0.005 (37.6th percentile) — read the EPSS interpretation.
CVSS v3 metric
CVSS v3 base score 8.8 (High). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H.
Affected products
- N/a — versions n/a
Weakness classification (CWE)
References
Frequently asked questions
- What is CVE-2024-55579?
- CVE-2024-55579 is a high-severity vulnerability in N/a, classified under Incorrect Authorization. CVSS score: 8.8/10. Published 2024-12-09.
- How severe is CVE-2024-55579?
- High severity. CVSS v3 base score is 8.8 out of 10.