CVE-2024-0336

CVSS

No CVSS.

M

issing Authentication for Critical Function vulnerability in EMTA Grup PDKS allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects PDKS: from V3.04 before 20240603. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

References

Link	Resource
https://www.usom.gov.tr/bildirim/tr-24-0600
https://www.usom.gov.tr/bildirim/tr-24-0600

Configurations

No configuration.

History

14 Oct 2025, 13:15

Type	Values Removed	Values Added
CWE	~~CWE-284~~	CWE-306
Summary	(en) Improper Access Control vulnerability in EMTA Grup PDKS allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects PDKS: before 20240603. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.	(en) Missing Authentication for Critical Function vulnerability in EMTA Grup PDKS allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects PDKS: from V3.04 before 20240603. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

21 Nov 2024, 08:46

Type	Values Removed	Values Added
References	~~() https://www.usom.gov.tr/bildirim/tr-24-0600 -~~	() https://www.usom.gov.tr/bildirim/tr-24-0600 -

03 Jun 2024, 14:46

Type	Values Removed	Values Added
New CVE

Information

Published : 2024-06-03 14:15

Updated : 2025-10-14 13:15

NVD link : CVE-2024-0336

Mitre link : CVE-2024-0336

CVE.ORG link : CVE-2024-0336

JSON object : View

Products Affected

No product.

CWE

CWE-306

Missing Authentication for Critical Function

{"id": "CVE-2024-0336", "cveTags": [], "metrics": {"cvssMetricV40": [{"type": "Secondary", "source": "[email protected]", "cvssData": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 9.4, "Automatable": "NOT_DEFINED", "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "LOW", "subIntegrityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "integrityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "subAvailabilityImpact": "HIGH", "vulnAvailabilityImpact": "HIGH", "availabilityRequirement": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "subConfidentialityImpact": "HIGH", "vulnConfidentialityImpact": "HIGH", "confidentialityRequirement": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED"}}]}, "published": "2024-06-03T14:15:08.900", "references": [{"url": "https://www.usom.gov.tr/bildirim/tr-24-0600", "source": "[email protected]"}, {"url": "https://www.usom.gov.tr/bildirim/tr-24-0600", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Awaiting Analysis", "weaknesses": [{"type": "Primary", "source": "[email protected]", "description": [{"lang": "en", "value": "CWE-306"}]}], "descriptions": [{"lang": "en", "value": "Missing Authentication for Critical Function vulnerability in EMTA Grup PDKS allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects PDKS: from V3.04 before 20240603.\u00a0NOTE: The vendor was contacted early about this disclosure but did not respond in any way."}, {"lang": "es", "value": "Una vulnerabilidad de control de acceso inadecuado en EMTA Grup PDKS permite explotar niveles de seguridad de control de acceso configurados incorrectamente. Este problema afecta a PDKS: antes de 20240603. NOTA: Se contact\u00f3 primeramente con el proveedor sobre esta divulgaci\u00f3n, pero no respondi\u00f3 de ninguna manera."}], "lastModified": "2025-10-14T13:15:33.147", "sourceIdentifier": "[email protected]"}