CVE-2024-50701

Опубликовано: 30 дек. 2024

Источник: nvd

CVSS3: 4.3

EPSS Низкий

Описание

TeamPass before 3.1.3.1, when retrieving information about access rights for a folder, does not properly check whether a folder is in a user's allowed folders list that has been defined by an admin.

Ссылки

https://github.com/nilsteampassnet/TeamPass/commit/ddbb2d3d94085dced50c4936fd2215af88e4a88d
Patch
https://github.com/nilsteampassnet/TeamPass/compare/3.1.2...3.1.3.1
Product
https://github.com/nilsteampassnet/TeamPass/compare/3.1.3...3.1.3.1
Product

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:teampass:teampass:*:*:*:*:*:*:*:*

Версия до 3.1.3.1 (исключая)

EPSS

Процентиль: 31%

0.00113

Низкий

4.3 Medium

CVSS3

Дефекты

CWE-266

Связанные уязвимости

CVE-2024-50701

CVSS3: 4.3

debian

11 месяцев назад

TeamPass before 3.1.3.1, when retrieving information about access righ ...

GHSA-2697-96mv-3gfm

CVSS3: 4.3

github

11 месяцев назад

TeamPass does not properly check whether a folder is in a user's allowed folders list

EPSS

Процентиль: 31%

0.00113

Низкий

4.3 Medium

CVSS3

Дефекты

CWE-266