CVE-2024-45058

HIGH

CVSS v3

8.1

HIGH

EPSS Score

24.3%

exploit probability

CISA KEV

No

known exploited

Exploitation

SSVC status

Description

i-Educar is free, fully online school management software that can be used by school secretaries, teachers, coordinators, and area managers. Prior to the 2.9 branch, an attacker with only minimal viewing privileges in the settings section is able to change their user type to Administrator (or another type with super-permissions) through a specifically crafted POST request to `/intranet/educar_usuario_cad.php`, modifying the `nivel_usuario_` parameter. The vulnerability occurs in the file located at `ieducar/intranet/educar_usuario_cad.php`, which does not check the user's current permission level before allowing changes. Commit c25910cdf11ab50e50162a49dd44bef544422b6e contains a patch for the issue.

Technical Details

Published
8/28/2024

Frequently Asked Questions

What is CVE-2024-45058?

i-Educar is free, fully online school management software that can be used by school secretaries, teachers, coordinators, and area managers. Prior to the 2.9 branch, an attacker with only minimal viewing privileges in the settings section is able to change their user type to Administrator (or another type with super-permissions) through a specifically crafted POST request to `/intranet/educar_usuario_cad.php`, modifying the `nivel_usuario_` parameter. The vulnerability occurs in the file located at `ieducar/intranet/educar_usuario_cad.php`, which does not check the user's current permission level before allowing changes. Commit c25910cdf11ab50e50162a49dd44bef544422b6e contains a patch for the issue.

Is CVE-2024-45058 actively exploited?

Active exploitation of CVE-2024-45058 has not been confirmed. The EPSS score is 24.3%, indicating the estimated probability of exploitation in the next 30 days.

What is the CVSS score for CVE-2024-45058?

CVE-2024-45058 has a CVSS v3 base score of 8.1 (HIGH severity).

Is CVE-2024-45058 affecting your environment?

Use isMalicious to check if any of your IPs or domains are associated with this vulnerability's IOCs.