CVE-2024-12345 MEDIUM

CVE-2024-12345: INW Krbyyyzo Daily Huddle Site gbo.aspx resource consumption

Vendor Inw
Product Krbyyyzo
Weakness CWE-400
Published January 27, 2025
Last update February 12, 2025

CVSS base score

6.7/10
Attack vector Local
Attack complexity Low
Privileges required High
User interaction None
Confidentiality
Integrity

CVSS vector

CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

What the vulnerability does

01Description

A vulnerability classified as problematic was found in INW Krbyyyzo 25.2002. Affected by this vulnerability is an unknown functionality of the file /gbo.aspx of the component Daily Huddle Site. The manipulation of the argument s leads to resource consumption. It is possible to launch the attack on the local host. Other endpoints might be affected as well.

Key dates

02Disclosure timeline

January 27, 2025 CVE published
February 12, 2025 Record updated