How severe is CVE-2024-43690?

This vulnerability has a severity rating of HIGH with a CVSS score of 8 out of 10.

What type of vulnerability is CVE-2024-43690?

This is classified as CWE-829, which is a common weakness in software security.

CVE-2024-43690 - HIGH Severity | CVSS 8

Vulnerability Description

Inclusion of Functionality from Untrusted Control Sphere(CWE-829) in the Command Centre Server and Workstations may allow an attacker to perform Remote Code Execution (RCE). This issue affects: Command Centre Server and Command Centre Workstations 9.10 prior to vEL9.10.1530 (MR2), 9.00 prior to vEL9.00.2168 (MR4), 8.90 prior to vEL8.90.2155 (MR5), 8.80 prior to vEL8.80.1938 (MR6), all versions of 8.70 and prior.

Related Vulnerabilities

CVE-2021-41037

HIGH

CVSS:8.0(High)

In Eclipse p2, installable units are able to alter the Eclipse Platform installation and the local machine via touchpoints during installation. Those touchpoints can, for example, alter the command-li...

CWE-8292021

CVE-2022-30244

HIGH

CVSS:8.0(High)

Honeywell Alerton Ascent Control Module (ACM) through 2022-05-04 allows unauthenticated programming writes from remote users. This enables code to be store on the controller and then run without verif...

CWE-8292022

CVE-2017-6381

HIGH

CVSS:8.1(High)

A 3rd party development library including with Drupal 8 development dependencies is vulnerable to remote code execution. This is mitigated by the default .htaccess protection against PHP execution, an...

CWE-8292017

CVE-2019-10666

HIGH

CVSS:8.1(High)

An issue was discovered in LibreNMS through 1.47. Several of the scripts perform dynamic script inclusion via the include() function on user supplied input without sanitizing the values by calling bas...

CWE-8292019

CVE-2019-11770

HIGH

CVSS:8.1(High)

In Eclipse Buildship versions prior to 3.1.1, the build files indicate that this project is resolving dependencies over HTTP instead of HTTPS. Any of these artifacts could have been MITM to maliciousl...

CWE-8292019

CVE-2020-24985

HIGH

CVSS:8.1(High)

An issue was discovered in Quadbase EspressReports ES 7 Update 9. An authenticated user is able to navigate to the MenuPage section of the application, and change the frmsrc parameter value to retriev...

CWE-8292020