CVE-2024-1032
HIGHOpenbi < 1.0.8 - Insecure Deserialization
Title source: ruleDescription
A vulnerability classified as critical was found in openBI up to 1.0.8. Affected by this vulnerability is the function testConnection of the file /application/index/controller/Databasesource.php of the component Test Connection Handler. The manipulation leads to deserialization. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-252307.
Scores
CVSS v3
7.3
EPSS
0.0008
EPSS Percentile
23.7%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Classification
CWE
CWE-502
Status
published
Affected Products (1)
openbi_project/openbi
< 1.0.8
Timeline
Published
Jan 30, 2024
Tracked Since
Feb 18, 2026