CVE-2024-52269

HIGH EPSS 19.2%

Published Dec 4, 20241y ago · Modified Jun 17, 20261w ago

8.2 CVSS 4.0

High

Published Dec 4, 2024 1y ago

Last Modified Jun 17, 2026 1w ago

Description

User Interface (UI) Misrepresentation of Critical Information vulnerability in DocuSign allows Content Spoofing. The SaaS AI assistant ignores hidden content that is rendered after signing, misleading the user. For reference see: CVE-2024-52276 This issue affects DocuSign: through 2024-12-04.

CVSS Details

Base Score

8.2

Exploitability

—

Impact

—

Vector string

CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:H/VA:N/SC:N/SI:H/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:Red

Attack Vector Local

Attack Complexity Low

Privileges Required None

User Interaction P

Scope X

Threat Intelligence

EPSS Exploit Probability

19.2% percentile

Exploit & Patch Status

No Known Exploit

No Patch Available

Weaknesses 1

CWE-451

References 2

loom.com https://www.loom.com/share/65ce5423d2a04e0bbd2688a178d5427f
vulsec.org https://www.vulsec.org/advisories

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.