Vulnerability Identifier
CVE-2024-37372
2025-01-09
Severity Assessment
LOW
CVSS v3.x Score
Clinical Analysis (Description)
The Permission Model assumes that any path starting with two backslashes \ has a four-character prefix that can be ignored, which is not always true. This subtle bug leads to vulnerable edge cases.
Vector Sequencing
Attack Parameters
Impact Consequences
Technical Impact
Timeline
Time Line
PUBLICATION
09 Jan 2025
MODIFICATION
02 May 2025
FIRST PATCH
21 Jan 2025
Impact Statistics
Key Metrics
CVSS Score
LOW
Patches
1
Available
Remediation Protocol
Recommended Solution
No automatic solution found. Check vendor references.
Patch Library
Recommended Actions for Administrators
Immediate Action Plan
1. Inventory
Identify all affected systems in your infrastructure.
2. Assessment
Assess exposure and criticality for your organization.
3. Mitigation
Apply patches or available workarounds.
4. Verification
Test and confirm effectiveness of applied measures.
Sources & Bibliography