CVE-2024-6406

Missing Authentication for Critical Function, Missing Authorization vulnerability in Yordam Information Technology Mobile Library Application allows Retrieve Embedded Sensitive Data.This issue affects Mobile Library Application: before 5.0.

CVSS

No CVSS.

References

Link	Resource
https://www.usom.gov.tr/bildirim/tr-24-1496

Configurations

No configuration.

History

14 Oct 2025, 13:15

Type	Values Removed	Values Added
Summary	(en) Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Yordam Information Technology Mobile Library Application allows Retrieve Embedded Sensitive Data.This issue affects Mobile Library Application: before 5.0.	(en) Missing Authentication for Critical Function, Missing Authorization vulnerability in Yordam Information Technology Mobile Library Application allows Retrieve Embedded Sensitive Data.This issue affects Mobile Library Application: before 5.0.
CWE	~~CWE-200~~	CWE-862 CWE-306

20 Sep 2024, 12:30

Type	Values Removed	Values Added
Summary		(es) La vulnerabilidad de exposición de información confidencial a un actor no autorizado en la aplicación de librería móvil de Yordam Information Technology permite recuperar datos confidenciales integrados. Este problema afecta a la aplicación de librería móvil: anterior a 5.0.

18 Sep 2024, 12:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2024-09-18 12:15

Updated : 2025-10-14 13:15

NVD link : CVE-2024-6406

Mitre link : CVE-2024-6406

CVE.ORG link : CVE-2024-6406

JSON object : View

Products Affected

No product.

CWE

CWE-306

Missing Authentication for Critical Function

CWE-862

Missing Authorization

{"id": "CVE-2024-6406", "cveTags": [], "metrics": {"cvssMetricV40": [{"type": "Secondary", "source": "iletisim@usom.gov.tr", "cvssData": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 8.5, "Automatable": "NOT_DEFINED", "attackVector": "NETWORK", "baseSeverity": "HIGH", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:L/VA:L/SC:H/SI:L/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "LOW", "subIntegrityImpact": "LOW", "vulnIntegrityImpact": "LOW", "integrityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "subAvailabilityImpact": "LOW", "vulnAvailabilityImpact": "LOW", "availabilityRequirement": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "subConfidentialityImpact": "HIGH", "vulnConfidentialityImpact": "HIGH", "confidentialityRequirement": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED"}}]}, "published": "2024-09-18T12:15:03.370", "references": [{"url": "https://www.usom.gov.tr/bildirim/tr-24-1496", "source": "iletisim@usom.gov.tr"}], "vulnStatus": "Awaiting Analysis", "weaknesses": [{"type": "Primary", "source": "iletisim@usom.gov.tr", "description": [{"lang": "en", "value": "CWE-306"}, {"lang": "en", "value": "CWE-862"}]}], "descriptions": [{"lang": "en", "value": "Missing Authentication for Critical Function, Missing Authorization vulnerability in Yordam Information Technology Mobile Library Application allows Retrieve Embedded Sensitive Data.This issue affects Mobile Library Application: before 5.0."}, {"lang": "es", "value": "La vulnerabilidad de exposici\u00f3n de informaci\u00f3n confidencial a un actor no autorizado en la aplicaci\u00f3n de librer\u00eda m\u00f3vil de Yordam Information Technology permite recuperar datos confidenciales integrados. Este problema afecta a la aplicaci\u00f3n de librer\u00eda m\u00f3vil: anterior a 5.0."}], "lastModified": "2025-10-14T13:15:36.073", "sourceIdentifier": "iletisim@usom.gov.tr"}