| Reporter | Title | Published | Views | Family All 15 |
|---|---|---|---|---|
| CVE-2024-52008 | 26 Nov 202418:55 | – | circl | |
| Fides 安全漏洞 | 26 Nov 202400:00 | – | cnnvd | |
| CVE-2024-52008 Password Policy Bypass Vulnerability in Fides Webserver | 26 Nov 202418:52 | – | cvelist | |
| EUVD-2024-3385 | 3 Oct 202520:07 | – | euvd | |
| Password Policy Bypass Vulnerability in Fides Webserver User Accept Invite API | 26 Nov 202416:36 | – | github | |
| CVE-2024-52008 | 26 Nov 202419:15 | – | nvd | |
| CVE-2024-52008 Password Policy Bypass Vulnerability in Fides Webserver | 26 Nov 202418:52 | – | osv | |
| GHSA-V7VM-RHMG-8J2R Password Policy Bypass Vulnerability in Fides Webserver User Accept Invite API | 26 Nov 202416:36 | – | osv | |
| PYSEC-2026-1349 Password Policy Bypass Vulnerability in Fides Webserver User Accept Invite API | 7 Jul 202614:34 | – | osv | |
| PT-2024-35092 | 26 Nov 202400:00 | – | ptsecurity |
[
{
"vendor": "ethyca",
"product": "fides",
"versions": [
{
"version": "< 2.50.0",
"status": "affected"
}
]
}
]| Parameter | Position | Path | Description | CWE |
|---|---|---|---|---|
| password | request body | /api/v1/user/accept-invite | API endpoint allows setting an extremely weak password during initial account setup due to missing server-side password policy enforcement (client-side validation only). | CWE-602 |
Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation