Primary

Context

Hammock AssetView and AssetView CLOUD Missing Authentication Vulnerability in Critical Functions

Vulnerability

A vulnerability allowing missing authentication for critical functions has been identified in Hammock's AssetView and AssetView CLOUD products. This issue affects AssetView versions prior to 13.2.4.3408 and AssetView CLOUD versions prior to 13.2.4.3408 and 13.3.4.3004. The vulnerability allows remote unauthenticated attackers to access or delete files on the server where the product is running.

Impact

Exploitation of this vulnerability could lead to unauthorized access to or deletion of files on the server.

Remediation

Users of AssetView should visit the AssetView support website to download the latest version and follow the provided upgrade instructions. AssetView CLOUD users will be contacted by the company for upgrade instructions. For immediate concerns, contact the Hammock support group.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

5.0

exploitability

4.7

remediation

6.0

relevance

0.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

5.0

exploitability

4.7

remediation

6.0

relevance

0.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Hammock AssetView and AssetView CLOUD Missing Authentication Vulnerability in Critical Functions

Vulnerability

Impact

Remediation

Affected Products

Hammock AssetView

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating