CVE-2024-23747

Description

The Moderna Sistemas ModernaNet Hospital Management System 2024 is susceptible to an Insecure Direct Object Reference (IDOR) vulnerability. This vulnerability resides in the system's handling of user data access through a /Modernanet/LAUDO/LAU0000100/Laudo?id= URI. By manipulating this id parameter, an attacker can gain access to sensitive medical information.

NVD
Severity: HIGH
CVE ID: CVE-2024-23747
CVSS Score: 7.5
CVSS Metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Refrence: NVD MITRE

Proof Of Concept

louiselalanne

Moderna Sistemas ModernaNet Hospital Management System 2024 is susceptible to an Insecure Direct Object Reference (IDOR) vulnerability

Refrence: GitHub

Description​

Proof Of Concept​

Description

Proof Of Concept