CVE-2024-22047

Опубликовано: 04 янв. 2024

Источник: nvd

CVSS3: 3.1

EPSS Низкий

Описание

A race condition exists in Audited 4.0.0 to 5.3.3 that can result in an authenticated user to cause audit log entries to be attributed to another user.

Ссылки

https://github.com/advisories/GHSA-hjp3-5g2q-7jww
Third Party Advisory
https://github.com/collectiveidea/audited/issues/601
Issue Tracking
Patch
Vendor Advisory
https://github.com/collectiveidea/audited/pull/669
Patch
https://github.com/collectiveidea/audited/pull/671
Patch
https://github.com/collectiveidea/audited/security/advisories/GHSA-hjp3-5g2q-7jww
Vendor Advisory
https://vulncheck.com/advisories/vc-advisory-GHSA-hjp3-5g2q-7jww
Third Party Advisory
https://github.com/advisories/GHSA-hjp3-5g2q-7jww
Third Party Advisory
https://github.com/collectiveidea/audited/issues/601
Issue Tracking
Patch
Vendor Advisory
https://github.com/collectiveidea/audited/pull/669
Patch
https://github.com/collectiveidea/audited/pull/671
Patch
https://github.com/collectiveidea/audited/security/advisories/GHSA-hjp3-5g2q-7jww
Vendor Advisory
https://vulncheck.com/advisories/vc-advisory-GHSA-hjp3-5g2q-7jww
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:collectiveidea:audited:*:*:*:*:*:*:*:*

Версия от 4.0.0 (включая) до 5.3.3 (исключая)

EPSS

Процентиль: 76%

0.00933

Низкий

3.1 Low

CVSS3

Дефекты

CWE-362

Связанные уязвимости

CVE-2024-22047

CVSS3: 3.1

redhat

около 2 лет назад

A race condition exists in Audited 4.0.0 to 5.3.3 that can result in an authenticated user to cause audit log entries to be attributed to another user.

GHSA-hjp3-5g2q-7jww

CVSS3: 3.1

github

почти 3 года назад

Race Condition leading to logging errors

EPSS

Процентиль: 76%

0.00933

Низкий

3.1 Low

CVSS3

Дефекты

CWE-362