CVE-2024-34077

🗓️ 14 May 2024 15:28:38Reported by GitHub_MType

MantisBT Insufficient Access Control in Registration and Password Reset Process CVE-2024-3407

AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 9
NVD	CVE-2024-34077	14 May 202415:38	–	nvd
Github Security Blog	Mantis Bug Tracker (MantisBT) allows user account takeover in the signup/reset password process	13 May 202414:57	–	github
Veracode	Account Takeover	14 May 202406:51	–	veracode
OSV	GHSA-93X3-M7PW-PPQM Mantis Bug Tracker (MantisBT) allows user account takeover in the signup/reset password process	13 May 202414:57	–	osv
OSV	CVE-2024-34077	14 May 202415:38	–	osv
Vulnrichment	CVE-2024-34077 MantisBT user account takeover in the signup/reset password process	13 May 202415:30	–	vulnrichment
Cvelist	CVE-2024-34077 MantisBT user account takeover in the signup/reset password process	13 May 202415:30	–	cvelist
RedhatCVE	CVE-2024-34077	5 Feb 202511:27	–	redhatcve
Tenable Nessus	MantisBT < 2.26.2 Multiple Vulnerabilities	27 May 202400:00	–	nessus

Nvd

Vulners

Node

mantisbt mantisbtRange<2.26.2

[
  {
    "vendor": "mantisbt",
    "product": "mantisbt",
    "versions": [
      {
        "version": "< 2.26.2",
        "status": "affected"
      }
    ]
  }
]

Source	Link
github	www.github.com/mantisbt/mantisbt/commit/92d11a01b195a1b6717a2f205218089158ea6d00
github	www.github.com/mantisbt/mantisbt/security/advisories/GHSA-93x3-m7pw-ppqm
mantisbt	www.mantisbt.org/bugs/view.php

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

14 May 2024 15:38Current

6.4Medium risk

Vulners AI Score6.4

CVSS37.3

EPSS0.00385

SSVC