How severe is CVE-2024-12483?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 5.9 out of 10.

What type of vulnerability is CVE-2024-12483?

This is classified as CWE-285, which is a common weakness in software security.

CVE-2024-12483 - MEDIUM Severity | CVSS 5.9

Vulnerability Description

A vulnerability classified as problematic has been found in Dromara UJCMS up to 9.6.3. This affects an unknown part of the file /users/id of the component User ID Handler. The manipulation leads to authorization bypass. It is possible to initiate the attack remotely. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used.

Related Vulnerabilities

CVE-2019-18827

MEDIUM

CVSS:5.9(Medium)

On Barco ClickShare Button R9861500D01 devices (before firmware version 1.9.0) JTAG access is disabled after ROM code execution. This means that JTAG access is possible when the system is running code...

CWE-2852019

CVE-2020-3150

MEDIUM

CVSS:5.9(Medium)

A vulnerability in the web-based management interface of Cisco Small Business RV110W and RV215W Series Routers could allow an unauthenticated, remote attacker to download sensitive information from th...

CWE-2852020

CVE-2024-21166

MEDIUM

CVSS:5.9(Medium)

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.36 and prior and 8.3.0 and prior. Difficult to exploit vulnerability allows ...

CWE-2852024

CVE-2025-29778

MEDIUM

CVSS:5.8(Medium)

Kyverno is a policy engine designed for cloud native platform engineering teams. Prior to version 1.14.0-alpha.1, Kyverno ignores subjectRegExp and IssuerRegExp while verifying artifact's sign with ke...

CWE-2852025

CVE-2022-22268

MEDIUM

CVSS:6.1(Medium)

Incorrect implementation of Knox Guard prior to SMR Jan-2022 Release 1 allows physically proximate attackers to temporary unlock the Knox Guard via Samsung DeX mode.

CWE-2852022

CVE-2023-41819

MEDIUM

CVSS:6.1(Medium)

A PendingIntent hijacking vulnerability was reported in the Motorola Face Unlock application that could allow a local attacker to access unauthorized content providers.

CWE-2852023