exploitDog

CVE-2024-24552

Опубликовано: 24 июн. 2024

Источник: nvd

CVSS3: 8.8

EPSS Низкий

Описание

A session fixation vulnerability in Bludit allows an attacker to bypass the server's authentication if they can trick an administrator or any other user into authorizing a session ID of their choosing.

Ссылки

https://www.redguard.ch/blog/2024/06/20/security-advisory-bludit/
Third Party Advisory
https://www.redguard.ch/blog/2024/06/20/security-advisory-bludit/
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:bludit:bludit:*:*:*:*:*:*:*:*

Версия от 3.14.0 (включая) до 3.15.0 (включая)

EPSS

Процентиль: 4%

0.0002

Низкий

8.8 High

CVSS3

Дефекты

CWE-384

Связанные уязвимости

GHSA-7pcp-vq94-mvr5

CVSS3: 8.8

github

больше 1 года назад

A session fixation vulnerability in Bludit allows an attacker to bypass the server's authentication if they can trick an administrator or any other user into authorizing a session ID of their choosing.

EPSS

Процентиль: 4%

0.0002

Низкий

8.8 High

CVSS3

Дефекты

CWE-384