Home > Vulnerability Database > CVE-2024-56195

Mend.io Vulnerability Database

CVE-2024-56195

Date: March 6, 2025

An issue was discovered in ATS, where intercept plugins are not access controlled. This affects ATS 9.0.0 to 9.2.8, and ATS 10.0.0 to 10.0.3. 9.x users should upgrade to 9.2.9 or later versions, 10.x users should upgrade to 10.0.4 or later versions.

Severity Score

6.3

Related Resources (5)

Url: https://nvd.nist.gov/vuln/detail/CVE-2024-56195

Url: https://seclists.org/oss-sec/2025/q1/172

Url: https://lists.apache.org/thread/btofzws2yqskk2n7f01r3l1819x01023

Url: https://security-tracker.debian.org/tracker/CVE-2024-56195

Url: https://www.mend.io/vulnerability-database/CVE-2024-56195

Severity Score

6.3

Weakness Type (CWE)

Improper Access Control

CWE-284

CVSS v3.1

Base Score:	6.3
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	LOW
Privileges Required (PR):	LOW
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	LOW
Integrity (I):	LOW
Availability (A):	LOW

Mend.io Vulnerability Database

We found results for “”

CVE-2024-56195

Date: March 6, 2025

Severity Score

Related Resources (5)

Severity Score

Weakness Type (CWE)

CVSS v3.1

Do you need more information?