CVE-2024-27790

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "https://support.claris.com/s/answerview?anum=000041674&language=en_US", "name": "https://support.claris.com/s/answerview?anum=000041674&language=en_US", "tags": ["Vendor Advisory"], "refsource": ""}, {"url": "https://support.claris.com/s/answerview?anum=000041674&language=en_US", "name": "https://support.claris.com/s/answerview?anum=000041674&language=en_US", "tags": ["Vendor Advisory"], "refsource": ""}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "Claris International has resolved an issue of potentially allowing unauthorized access to records stored in databases hosted on FileMaker Server. This issue has been fixed in FileMaker Server 20.3.2 by validating transactions before replying to client requests."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2024-27790", "ASSIGNER": "product-security@apple.com"}}, "impact": {"baseMetricV3": {"cvssV3": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 3.9}}, "publishedDate": "2024-05-14T15:13Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:claris:filemaker_server:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "20.3.2"}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2024-12-09T19:31Z"}