exploitDog

GHSA-gp3c-h68x-v9g8

Опубликовано: 18 дек. 2024

Источник: github

Github: Не прошло ревью

CVSS3: 7.6

Описание

Keyfactor Command before 12.5.0 has Incorrect Access Control: access tokens are over permissioned, aka 64099. The fixed versions are 11.5.1.1, 11.5.2.1, 11.5.3.1, 11.5.4.5, 11.5.6.1, 11.6.0, 12.2.0.1, 12.3.0.1, 12.4.0.1, 12.5.0, and 24.4.0.

Keyfactor Command before 12.5.0 has Incorrect Access Control: access tokens are over permissioned, aka 64099. The fixed versions are 11.5.1.1, 11.5.2.1, 11.5.3.1, 11.5.4.5, 11.5.6.1, 11.6.0, 12.2.0.1, 12.3.0.1, 12.4.0.1, 12.5.0, and 24.4.0.

Ссылки

EPSS

Процентиль: 36%

0.00148

Низкий

7.6 High

CVSS3

CVE ID

Дефекты

CWE-276

Связанные уязвимости

CVE-2024-49202

CVSS3: 7.6

nvd

около 1 года назад

Keyfactor Command before 12.5.0 has Incorrect Access Control: access tokens are over permissioned, aka 64099. The fixed versions are 11.5.1.1, 11.5.2.1, 11.5.3.1, 11.5.4.5, 11.5.6.1, 11.6.0, 12.2.0.1, 12.3.0.1, 12.4.0.1, 12.5.0, and 24.4.0.

EPSS

Процентиль: 36%

0.00148

Низкий

7.6 High

CVSS3

CVE ID

Дефекты

CWE-276