{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-09T08:06:34.134","vulnerabilities":[{"cve":{"id":"CVE-2024-57249","sourceIdentifier":"cve@mitre.org","published":"2025-02-07T16:15:38.180","lastModified":"2025-09-15T18:02:51.267","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Incorrect Access Control in the Preview Function of Gleamtech FileVista 9.2.0.0 allows remote attackers to gain unauthorized access via exploiting a vulnerability in access control mechanisms by removing authentication-related HTTP headers, such as the Cookie header, in the request. This bypasses the authentication process and grants attackers access to sensitive image files without proper login credentials."},{"lang":"es","value":"Un control de acceso incorrecto en la función de vista previa de Gleamtech FileVista 9.2.0.0 permite a atacantes remotos obtener acceso no autorizado mediante la explotación de una vulnerabilidad en los mecanismos de control de acceso eliminando los encabezados HTTP relacionados con la autenticación, como el encabezado Cookie, en la solicitud. Esto evita el proceso de autenticación y otorga a los atacantes acceso a archivos de imágenes confidenciales sin las credenciales de inicio de sesión adecuadas."}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"ADJACENT_NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":3.6}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-284"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:gleamtech:filevista:9.2.0:*:*:*:*:*:*:*","matchCriteriaId":"D8D553A7-0E37-4600-A567-3E34CC6103A3"}]}]}],"references":[{"url":"https://packetstorm.news/files/id/189019","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.gleamtech.com/filevista","source":"cve@mitre.org","tags":["Product"]}]}}]}