CVE-2024-49757

🗓️ 25 Oct 2024 14:22:49Reported by GitHub_MType

Zitadel software allows unauthorized user registration with versions prior to 2.64.

Reporter	Title	Published	Views	Family All 75
Circl	CVE-2024-49757	25 Oct 202417:55	–	circl
CNNVD	ZITADEL 授权问题漏洞	25 Oct 202400:00	–	cnnvd
Cvelist	CVE-2024-49757 Zitadel User Registration Bypass Vulnerability	25 Oct 202414:22	–	cvelist
EUVD	EUVD-2024-2921	3 Oct 202520:07	–	euvd
Github Security Blog	User Registration Bypass in Zitadel	25 Oct 202419:30	–	github
Nuclei	Zitadel - User Registration Bypass	3 Jun 202606:04	–	nuclei
NVD	CVE-2024-49757	25 Oct 202415:15	–	nvd
OPENSUSE Linux	Security update for govulncheck-vulndb (important)	5 Nov 202400:00	–	opensuse
OPENSUSE Linux	govulncheck-vulndb-0.0.20241030T212825-1.1 on GA media (moderate)	2 Nov 202400:00	–	opensuse
OpenVAS	openSUSE Security Advisory (SUSE-SU-2024:3911-1)	6 Nov 202400:00	–	openvas

NVD

Vulners

Node

zitadel zitadelRange<2.58.7

zitadel zitadelRange2.59.0–2.59.5

zitadel zitadelRange2.60.0–2.60.4

zitadel zitadelRange2.61.0–2.61.4

zitadel zitadelRange2.62.0–2.62.7

zitadel zitadelRange2.63.0–2.63.5

[
  {
    "vendor": "zitadel",
    "product": "zitadel",
    "versions": [
      {
        "version": ">= 2.63, < 2.63.5",
        "status": "affected"
      },
      {
        "version": ">= 2.62, < 2.62.7",
        "status": "affected"
      },
      {
        "version": ">= 2.61, < 2.61.3",
        "status": "affected"
      },
      {
        "version": ">= 2.60, < 2.60.3",
        "status": "affected"
      },
      {
        "version": ">= 2.59, < 2.59.4",
        "status": "affected"
      },
      {
        "version": "< 2.58.6",
        "status": "affected"
      }
    ]
  }
]

Source	Link
github	www.github.com/zitadel/zitadel/security/advisories/GHSA-3rmw-76m6-4gjc
github	www.github.com/zitadel/zitadel/releases/tag/v2.62.7
github	www.github.com/zitadel/zitadel/releases/tag/v2.64.0
github	www.github.com/zitadel/zitadel/releases/tag/v2.61.4
github	www.github.com/zitadel/zitadel/releases/tag/v2.60.4
github	www.github.com/zitadel/zitadel/releases/tag/v2.63.5
github	www.github.com/zitadel/zitadel/releases/tag/v2.58.7
github	www.github.com/zitadel/zitadel/releases/tag/v2.59.5

26 Aug 2025 16:31Current

7.3High risk

Vulners AI Score7.3

CVSS 3.14.9 - 7.5

EPSS0.10774

SSVC

CWE-287