From this webpage screenshot, the following key information about the vulnerability can be obtained: 1. Vulnerability ID: CVE-2024-11176 2. Vulnerability Name: Incorrect calculation of effective permissions in M-Files Aino 3. Description: In M-Files Aino versions prior to 24.10, unauthorized users could access object information due to incorrect calculation of effective permissions. 4. Affected Products: All versions of M-Files Aino prior to version 24.10. 5. Additional Information: - The issue has been resolved by updating the M-Files Aino backend cloud; no action is required from customers. - CVSS 4.0 CVSS-BT Score: 5.3 - CVSS Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/RC:L/VI:N/VA:N/SC:N/CI:N/SA:N - CWE: CWE-732 Incorrect Permission Assignment for Critical Resource, CWE-863 Incorrect Authorization, CWE-682 Incorrect Calculation - CAPEC: CAPEC-1 Accessing Functionality Not Properly Constrained by ACLs - Internal ID: 171406 - Release Date: November 20, 2024 6. Exploitability: - Public Disclosure: No - Exploitation: No - Exploitability: Low – Internally discovered 7. Link: CVE-2024-11176 8. History: Released on November 20, 2024 This information provides a detailed description of the vulnerability, the affected product range, security scoring, exploitability assessment, and relevant links.