Lucene search
MitreCVE-2024-37830HistoryJul 09, 2024 - 8:15 p.m.
CVE-2024-37830
2024-07-0920:15:11
CWE-601
mitre
web.nvd.nist.gov
26
outline vulnerability
redirect attack
state cookie interception
CVSS3
6.1
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
AI Score
6.4
Confidence
High
EPSS
0.001
Percentile
16.8%
An issue in Outline <= v0.76.1 allows attackers to redirect a victim user to a malicious site via intercepting and changing the state cookie.
Affected configurations
Node
getoutlineoutlineRange≤0.76.1
| Vendor | Product | Version | CPE |
|---|---|---|---|
| getoutline | outline | * | cpe:2.3:a:getoutline:outline:*:*:*:*:*:*:*:* |
Related
cvelist
cvelist
CVE-2024-37830
2024-07-09 00:00:00
vulnrichment
vulnrichment
CVE-2024-37830
2024-07-09 00:00:00
nvd
nvd
CVE-2024-37830
2024-07-09 20:15:11
CVSS3
6.1
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
AI Score
6.4
Confidence
High
EPSS
0.001
Percentile
16.8%
Related for CVE-2024-37830