CVE-2024-56217Missing Authorization in Download Manager

CWE-862Missing Authorization3 documents3 sources
Severity
6.3MEDIUMNVD
EPSS
0.1%
top 77.07%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
W3eden Download ManagerShahjada Download Manager
Timeline
PublishedDec 31

Description

Missing Authorization vulnerability in Shahjada Download Manager download-manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Download Manager: from n/a through <= 3.3.03.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:LExploitability: 2.8 | Impact: 3.4

Affected Packages2 packages

CVEListV5shahjada/download_manager3.3.03

🔴Vulnerability Details

2
GHSA
GHSA-wxm7-9gw3-47wq: Missing Authorization vulnerability in W3 Eden, Inc2024-12-31
CVEList
WordPress Download Manager plugin <= 3.3.03 - Broken Access Control vulnerability2024-12-31
CVE-2024-56217 — Missing Authorization | cvebase