{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-23T21:21:34.206","vulnerabilities":[{"cve":{"id":"CVE-2024-5995","sourceIdentifier":"twcert@cert.org.tw","published":"2024-06-14T08:15:43.097","lastModified":"2026-04-15T00:35:42.020","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"The notification emails sent by Soar Cloud HR Portal contain a link with a embedded session. The expiration of the session is not properly configured, remaining valid for more than 7 days and can be reused."},{"lang":"es","value":"Los correos electrónicos de notificación enviados por Soar Cloud HR Portal contienen un enlace con una sesión integrada. La caducidad de la sesión no está configurada correctamente, quedando válida por más de 7 días y puede ser reutilizada."}],"metrics":{"cvssMetricV31":[{"source":"twcert@cert.org.tw","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}]},"weaknesses":[{"source":"twcert@cert.org.tw","type":"Secondary","description":[{"lang":"en","value":"CWE-613"}]}],"references":[{"url":"https://www.twcert.org.tw/en/cp-139-7872-1c8b4-2.html","source":"twcert@cert.org.tw"},{"url":"https://www.twcert.org.tw/tw/cp-132-7871-fecf1-1.html","source":"twcert@cert.org.tw"},{"url":"https://www.twcert.org.tw/en/cp-139-7872-1c8b4-2.html","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://www.twcert.org.tw/tw/cp-132-7871-fecf1-1.html","source":"af854a3a-2127-422b-91ae-364da2661108"}]}}]}