What is CVE-2024-58343?

CVE-2024-58343 is a medium-severity vulnerability in Vision Helpdesk, classified under Direct Request (Forced Browsing). CVSS score: 4.3/10. Published 2026-04-16.

How severe is CVE-2024-58343?

Medium severity. CVSS v3 base score is 4.3 out of 10.

Vulnerability in Vision Helpdesk

CVE-2024-58343

Vision Helpdesk before 5.7.0 (patched in 5.6.10) allows attackers to read user profiles via modified serialized cookie data to vis_client_id.

EPSS: 0.000 (9.9th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 4.3 (Medium). Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N.

Affected products

Vision Helpdesk — versions 0

Weakness classification (CWE)

CWE-425 — Direct Request (Forced Browsing)

References

github.com/websec/Vision-Helpdesk-Exploit
websec.net/blog/critical-vulnerability-in-vision-helpdesk-allows-unauthorized-s…

Frequently asked questions

What is CVE-2024-58343?: CVE-2024-58343 is a medium-severity vulnerability in Vision Helpdesk, classified under Direct Request (Forced Browsing). CVSS score: 4.3/10. Published 2026-04-16.
How severe is CVE-2024-58343?: Medium severity. CVSS v3 base score is 4.3 out of 10.