Back to search
CVE-2024-3462
Published: May 13, 2024
Modified: Nov 7, 2024
PUBLISHED
Description
Ant Media Server Community Edition in a default configuration is vulnerable to an improper HTTP header based authorization, leading to a possible use of non-administrative API calls reserved only for authorized users. All versions up to 2.9.0 (tested) and possibly newer ones are believed to be vulnerable as the vendor has not confirmed releasing a patch.
| Vendor | Product | Versions |
|---|---|---|
Ant Media | Ant Media Server Community Edition | affected 0 - <= 2.9.0 |
Weaknesses (CWE)
References
https://antmedia.io/
product
https://cert.pl/en/posts/2024/05/CVE-2024-3462
third-party-advisory
https://cert.pl/posts/2024/05/CVE-2024-3462
third-party-advisory
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now