CVE-2024-49373 — MEDIUM (4.1)

Q: How severe is CVE-2024-49373?

CVE-2024-49373 has been rated MEDIUM with a CVSS base score of 4.1/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2024-49373?

Check the references section above for vendor advisories and patch information. Affected products include: Nofusscomputing Centurion Erp.

Vulnerability Description

No Fuss Computing Centurion ERP is open source enterprise resource planning (ERP) software. Prior to version 1.2.1, an authenticated user can view projects within organizations they are not apart of. Version 1.2.1 fixes the problem.

CVSS Score

4.1

MEDIUM

CVSS:3.1/AV:P/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N

Attack Vector

PHYSICAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality

HIGH

Integrity

NONE

Availability

NONE

Affected Products

Vendor	Product	Versions
Nofusscomputing	Centurion Erp	< 1.2.1

Related Weaknesses (CWE)

CWE-653

References

FAQ

What is CVE-2024-49373?

CVE-2024-49373 is a vulnerability with a CVSS score of 4.1 (MEDIUM). No Fuss Computing Centurion ERP is open source enterprise resource planning (ERP) software. Prior to version 1.2.1, an authenticated user can view projects within organizations they are not apart of. ...

How severe is CVE-2024-49373?

CVE-2024-49373 has been rated MEDIUM with a CVSS base score of 4.1/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2024-49373?

Check the references section above for vendor advisories and patch information. Affected products include: Nofusscomputing Centurion Erp.