Cyber Posture

CVE-2024-57757

HighPublic PoC

Published: 15 January 2025

Published
15 January 2025
Modified
18 April 2025
KEV Added
Patch
CVSS Score 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
EPSS Score 0.0011 29.3th percentile
Risk Priority 15 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2024-57757 is a high-severity Missing Authorization (CWE-862) vulnerability in Jeewms Jeewms. Its CVSS base score is 7.5 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked at the 29.3th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.

The strongest mitigations our analysis identified are NIST 800-53 AC-25 (Reference Monitor) and AC-3 (Access Enforcement).

Threat & Defense at a Glance

What attackers do: exploitation maps to Exploit Public-Facing Application (T1190) and 1 other technique. What defenders deploy: see the NIST 800-53 controls recommended below.
Threat & Defense Details

Mitigating Controls (NIST 800-53 r5)AI

AC-3 Access Enforcement good match
prevent

Requires enforcement of approved authorizations for access to system resources, directly countering the permission bypass in the AuthInterceptor component.

SI-2 Flaw Remediation good match
prevent

Mandates timely identification, reporting, and correction of system flaws, enabling patching to JeeWMS v2025.01.01 or later to remediate the authorization bypass.

AC-25 Reference Monitor good match
prevent

Implements a tamper-proof reference monitor mechanism to mediate all access control decisions, addressing flaws in authorization interceptors like AuthInterceptor.cava.

MITRE ATT&CK Enterprise TechniquesAI

T1190 Exploit Public-Facing Application Initial Access
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
attack.mitre.org →
T1213.004 Customer Relationship Management Software Collection
Adversaries may leverage Customer Relationship Management (CRM) software to mine valuable information.
attack.mitre.org →
Why these techniques?

Permission bypass in AuthInterceptor allows unauthenticated exploitation of public-facing web application (T1190) to access sensitive customer data via mdCusController.do, matching CRM software data collection (T1213.004).

NVD Description

JeeWMS before v2025.01.01 was discovered to contain a permission bypass in the component /interceptors/AuthInterceptor.cava.

Deeper analysisAI

CVE-2024-57757 is a permission bypass vulnerability, classified under CWE-862 (Missing Authorization), affecting JeeWMS versions prior to v2025.01.01. The flaw is located in the /interceptors/AuthInterceptor.cava component, enabling attackers to circumvent access controls. Published on 2025-01-15, it carries a CVSS v3.1 base score of 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N), reflecting high severity due to its potential for significant confidentiality impacts.

Remote unauthenticated attackers can exploit this vulnerability over the network with low attack complexity and without requiring user interaction. Successful exploitation allows bypassing authorization checks, granting access to sensitive data that should otherwise be restricted.

Mitigation is achieved by upgrading to JeeWMS v2025.01.01 or later. Further details are provided in the referenced advisory at https://gitee.com/erzhongxmu/JEEWMS/issues/IBFKBM.

Details

CWE(s)
CWE-862

Affected Products

jeewms
jeewms
≤ 2025.01.01

CVEs Like This One

CVE-2026-3026Same product: Jeewms Jeewms
CVE-2025-50901Same product: Jeewms Jeewms
CVE-2025-67974Shared CWE-862
CVE-2026-28254Shared CWE-862
CVE-2026-3266Shared CWE-862
CVE-2025-69297Shared CWE-862
CVE-2025-69186Shared CWE-862
CVE-2026-25456Shared CWE-862
CVE-2025-13493Shared CWE-862
CVE-2026-30968Shared CWE-862

References