Lucene search
INCIBECVE-2024-1144HistoryMar 19, 2024 - 12:15 p.m.
CVE-2024-1144
2024-03-1912:15:07
CWE-284
INCIBE
web.nvd.nist.gov
32
devklan
alma blog
access control
vulnerability
nvd
cve-2024-1144
CVSS3
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
AI Score
6.9
Confidence
Low
EPSS
0
Percentile
9.0%
Improper access control vulnerability in Devklan’s Alma Blog that affects versions 2.1.10 and earlier. This vulnerability could allow an unauthenticated user to access the application’s functionalities without the need for credentials.
Affected configurations
Node
devklanalma_blogRange≤2.1.10
CNA Affected
[
{
"defaultStatus": "unaffected",
"product": "Alma Blog",
"vendor": "Devklan",
"versions": [
{
"lessThanOrEqual": "2.1.10",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
]Related
cvelist
cvelist
CVE-2024-1144 Improper Access Control at Alma Devklan Blog
2024-03-19 11:32:49
vulnrichment
vulnrichment
CVE-2024-1144 Improper Access Control at Alma Devklan Blog
2024-03-19 11:32:49
nvd
nvd
CVE-2024-1144
2024-03-19 12:15:07
CVSS3
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
AI Score
6.9
Confidence
Low
EPSS
0
Percentile
9.0%
Related for CVE-2024-1144