Security ID : QSA-24-34
Vulnerability in QuMagie
Release date : September 7, 2024
CVE identifier : CVE-2024-38642
Affected products: QuMagie 2.3.x
Severity
Moderate
Status
Resolved
Summary
An improper certificate validation vulnerability has been reported to affect QuMagie. If exploited, the vulnerability could allow local attackers who have gained user access to compromise the security of the system.
We have already fixed the vulnerability in the following version:
| Affected Product | Fixed Version |
| QuMagie 2.3.x | QuMagie 2.3.1 and later |
Recommendation
To fix the vulnerability, we recommend updating QuMagie to the latest version.
Updating QuMagie
- Log on to QTS or QuTS hero as an administrator.
- Open App Center and then click
.
A search box appears. - Type "QuMagie" and then press ENTER.
QuMagie appears in the search results. - Click Update.
A confirmation message appears.
Note: The Update button is not available if your QuMagie is already up to date. - Click OK.
The application is updated.
Attachment
Acknowledgements: Anonymous
Revision History:
V1.0 (September 07, 2024) - Published
