CVE-2024-34885

Published November 4th, 2024

View on NVD ↗

CVSS v3

6.8

MEDIUM

CVSS v2

N/A

Affected

PROJECT

Description

Insufficiently protected credentials in SMTP server settings in 1C-Bitrix Bitrix24 23.300.100 allows remote administrators to read SMTP accounts passwords via HTTP GET request.

DrieVlad/BitrixVulns

GitHub