exploitDog

CVE-2024-24554

Опубликовано: 24 июн. 2024

Источник: nvd

CVSS3: 8.2

EPSS Низкий

Описание

Bludit uses predictable methods in combination with the MD5 hashing algorithm to generate sensitive tokens such as the API token and the user token. This allows attackers to authenticate against the Bludit API.

Ссылки

https://www.redguard.ch/blog/2024/06/20/security-advisory-bludit/
Third Party Advisory
https://www.redguard.ch/blog/2024/06/20/security-advisory-bludit/
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:bludit:bludit:*:*:*:*:*:*:*:*

Версия от 3.14.0 (включая) до 3.15.0 (включая)

EPSS

Процентиль: 31%

0.00117

Низкий

8.2 High

CVSS3

Дефекты

CWE-287

Связанные уязвимости

GHSA-8328-q9mx-pp5j

CVSS3: 8.2

github

больше 1 года назад

Bludit uses predictable methods in combination with the MD5 hashing algorithm to generate sensitive tokens such as the API token and the user token. This allows attackers to authenticate against the Bludit API.

EPSS

Процентиль: 31%

0.00117

Низкий

8.2 High

CVSS3

Дефекты

CWE-287