Carregando...
Qualitor - Software para Atender Melhor - Help Desk, Service Desk, Shared Services, Ouvidoria
Qualitor - Software para Atender Melhor - Help Desk, Service Desk, Shared Services, Ouvidoria

Official Security Advisory – CVE-2024-48360

Comunicado-Institucional-01

Publication Date: September 10, 2024

CVE ID: CVE-2024-48360

Affected Product(s): Qualitor / Versions 8.20, 8.24

At Qualitor Software, we are committed to the security and integrity of our products. We aim to maintain transparency and provide ongoing support to our users. A security vulnerability has recently been identified in our software, referenced under CVE-2024-48360.

Vulnerability Description

The vulnerability was found in the file:

html/ad/adformmobile/request/viewValidacao.php

It may allow a remote attacker, without authentication, to induce the vulnerable server to initiate HTTP requests to arbitrary destinations via Server-Side Request Forgery (SSRF).

Resolution

Upon identification, our security team promptly developed and tested an effective fix to mitigate the risk.

The fix is available in the following versions:

8.20 changeset (831ea518) – Released on September 10, 2024

8.24 changeset (bee7b3e) – Released on September 10, 2024

Users can request the update procedure through our official communication channels.

We strongly recommend all users apply the update as soon as possible to ensure continued system security.

Actions Taken

Analysis and Mitigation: The vulnerability was thoroughly investigated, and the necessary fix was implemented.

Quality Assurance: Rigorous testing was conducted to confirm that the fix does not impact the stability or performance of the product.

Proactive Communication: Clients were notified of the update and advised to apply the fix immediately.

User Guidance

Verify your current product version and ensure you are running one of the following or a later patch:

8.20 changeset (831ea518) – September 10, 2024

8.24 changeset (bee7b3e) – September 10, 2024

Apply the update as per the instructions provided through our official support channels.

If you have any questions or require assistance, please contact our support team.

Security Commitment

At Qualitor Software, we take product security seriously. We continuously work to identify, correct, and prevent vulnerabilities to provide a safe environment for our users.
We will continue to monitor and improve our solutions to maintain the trust of our clients and the integrity of systems using our products.

Contact

For questions or additional information, please reach out to our technical support team:

? Email: suporte@qualitor.com.br

? Support Portal: https://qualitor.qualitorsoftware.com/qualitor/LoginUsuario.php

Qualitor informa: usamos cookies para personalizar anúncios e melhorar a sua experiência no site. Ao continuar navegando, você concorda com a nossa Política de Privacidade.

continuar e fechar