{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56953?format=json","vulnerability_id":"VCID-xpcp-1efy-sbe6","summary":"SunGrow iSolarCloud before the October 31, 2024 remediation is vulnerable to insecure direct object references (IDOR) via the devService API model.","aliases":[{"alias":"CVE-2024-50687"}],"fixed_packages":[],"affected_packages":[],"references":[{"reference_url":"https://en.sungrowpower.com/security-notice-detail-2/6114","reference_id":"6114","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-02-28T17:00:07Z/"}],"url":"https://en.sungrowpower.com/security-notice-detail-2/6114"}],"weaknesses":[],"exploits":[],"severity_range_score":"9.1 - 9.1","exploitability":null,"weighted_severity":null,"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xpcp-1efy-sbe6"}