exploitDog

CVE-2024-55198

Опубликовано: 13 мар. 2025

Источник: nvd

CVSS3: 5.3

EPSS Низкий

Описание

User Enumeration via Discrepancies in Error Messages in the Celk Sistemas Celk Saude v.3.1.252.1 password recovery functionality which allows a remote attacker to enumerate users through discrepancies in the responses.

Ссылки

https://cheatsheetseries.owasp.org/cheatsheets/Authentication_Cheat_Sheet.html
Technical Description
https://github.com/gabriel-bri/vulnerability-research/tree/main/CVE-2024-55198
Exploit
Third Party Advisory
https://github.com/gabriel-bri/vulnerability-research/tree/main/CVE-2024-55198
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:celk:celk_saude:3.1.252.1:*:*:*:*:*:*:*

EPSS

Процентиль: 33%

0.00131

Низкий

5.3 Medium

CVSS3

Дефекты

CWE-204

Связанные уязвимости

GHSA-6rjg-2hv4-xq68

CVSS3: 5.3

github

11 месяцев назад

User Enumeration via Discrepancies in Error Messages in the Celk Sistemas Celk Saude v.3.1.252.1 password recovery functionality which allows a remote attacker to enumerate users through discrepancies in the responses.

EPSS

Процентиль: 33%

0.00131

Низкий

5.3 Medium

CVSS3

Дефекты

CWE-204