CRITICAL✓ PATCH🇵🇱 Wersja polska

CVE-2024-6118

CVSS 9.3v4.0pub. 2024-08-05upd. 2024-08-30

A Plaintext Storage of a Password vulnerability in ebooknote function in Hamastar MeetingHub Paperless Meetings 2021 allows remote attackers to obtain the other users’ credentials and gain access to the product via an XML file.

CVSS Vector
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
  • Hamastar Meetinghub Paperless Meetings

    APP
    Hamastar
    2021
🟢
PATCH AVAILABLE
Vendor update available. Deploy in standard maintenance cycle.
CWE
References

Related vulnerabilities

CVE-2026-1331CRITICAL9.3PL ✓ten sam produkt

Arbitrary File Upload w Hamastar MeetingHub umożliwia RCE bez uwierzytelnienia

CVE-2024-6117CRITICAL9.3PL ✓ten sam produkt

Nieograniczony upload plików w Hamastar MeetingHub — zdalne wykonanie poleceń

CVE-2026-1330HIGH8.7ten sam produkt

MeetingHub developed by HAMASTAR Technology has an Arbitrary File Read vulnerability, allowing unauthenticated...

CVE-2026-1332MEDIUM6.9ten sam produkt

MeetingHub developed by HAMASTAR Technology has a Missing Authentication vulnerability, allowing unauthenticat...