Lucene search
PatchstackCVE-2024-43916HistoryAug 26, 2024 - 9:15 p.m.
CVE-2024-43916
2024-08-2621:15:29
CWE-639
Patchstack
web.nvd.nist.gov
28
cve-2024-43916
authorization bypass
user-controlled key
vulnerability
dylan james
zephyr project manager
CVSS3
7.1
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N
AI Score
7
Confidence
High
EPSS
0.001
Percentile
18.8%
Authorization Bypass Through User-Controlled Key vulnerability in Dylan James Zephyr Project Manager.This issue affects Zephyr Project Manager: from n/a through 3.3.102.
Affected configurations
Node
dylanjkotzezephyr_project_managerRange<3.3.103wordpress
| Vendor | Product | Version | CPE |
|---|---|---|---|
| dylanjkotze | zephyr_project_manager | * | cpe:2.3:a:dylanjkotze:zephyr_project_manager:*:*:*:*:*:wordpress:*:* |
CNA Affected
[
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "zephyr-project-manager",
"product": "Zephyr Project Manager",
"vendor": "Dylan James",
"versions": [
{
"changes": [
{
"at": "3.3.103",
"status": "unaffected"
}
],
"lessThanOrEqual": "3.3.102",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
]Related
vulnrichment
vulnrichment
nvd
nvd
CVE-2024-43916
2024-08-26 21:15:29
cvelist
cvelist
wordfence
wordfence
CVSS3
7.1
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N
AI Score
7
Confidence
High
EPSS
0.001
Percentile
18.8%
Related for CVE-2024-43916