{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-09T16:00:38.791","vulnerabilities":[{"cve":{"id":"CVE-2024-29837","sourceIdentifier":"430a6cef-dc26-47e3-9fa8-52fb7f19644e","published":"2024-04-15T00:15:13.097","lastModified":"2025-12-10T17:37:33.200","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"The Web interface of Evolution Controller Versions 2.04.560.31.03.2024 and below uses poor session management, allowing for an unauthenticated attacker to access administrator functionality if any other user is already signed in."},{"lang":"es","value":"La interfaz web de Evolution Controller, versiones 2.04.560.31.03.2024 e inferiores, utiliza una gestión de sesión deficiente, lo que permite que un atacante no autenticado acceda a la funcionalidad de administrador si algún otro usuario ya ha iniciado sesión."}],"metrics":{"cvssMetricV31":[{"source":"430a6cef-dc26-47e3-9fa8-52fb7f19644e","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}]},"weaknesses":[{"source":"430a6cef-dc26-47e3-9fa8-52fb7f19644e","type":"Secondary","description":[{"lang":"en","value":"CWE-284"},{"lang":"en","value":"CWE-1390"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-287"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:cs-technologies:evolution:*:*:*:*:*:*:*:*","versionEndIncluding":"2.04.560","matchCriteriaId":"2087F49B-A37F-4472-A543-B6E6B5EA424E"}]}]}],"references":[{"url":"https://directcyber.com.au/sa/CVE-2024-29836-to-29844-evolution-controller-multiple-vulnerabilities.html","source":"430a6cef-dc26-47e3-9fa8-52fb7f19644e","tags":["Third Party Advisory"]},{"url":"https://directcyber.com.au/sa/CVE-2024-29836-to-29844-evolution-controller-multiple-vulnerabilities.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}}]}