CVE-2024-12917 HIGH

CVE-2024-12917: Improper Access Control in Agito Computer's Health4All

Vendor Agito Computer
Product Health4All
Weakness CWE-552 · Files accessible externally
Published February 24, 2025
Last update June 1, 2026

CVSS base score

8.3/10
Attack vector Network
Attack complexity Low
Privileges required Low
User interaction None
Confidentiality High
Integrity High

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L

What the vulnerability does

01Description

Files or Directories Accessible to External Parties vulnerability in Agito Computer Health4All allows Exploiting Incorrectly Configured Access Control Security Levels, Authentication Abuse. This issue affects Health4All: before 10.01.2025.

Key dates

02Disclosure timeline

February 24, 2025 CVE published
June 1, 2026 Record updated