Lucene search
JFROGCVELIST:CVE-2024-0879HistoryJan 25, 2024 - 2:41 p.m.
CVE-2024-0879 Authentication bypass in vector-admin domain restriction
2024-01-2514:41:25
CWE-287
JFROG
www.cve.org
3
cve-2024-0879
authentication
bypass
vector-admin
domain restriction
server
user
register
email address
CVSS3
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
EPSS
0
Percentile
14.0%
Authentication bypass in vector-admin allows a user to register to a vector-admin server while “domain restriction” is active, even when not owning an authorized email address.
CNA Affected
[
{
"collectionURL": "https://github.com",
"defaultStatus": "unaffected",
"packageName": "Mintplex-Labs/vector-admin",
"product": "vector-admin",
"vendor": "Mintplex-Labs",
"versions": [
{
"lessThan": "a581b8177dd6be719a5ef6d3ce4b1e939636bb41",
"status": "affected",
"version": "0",
"versionType": "git"
}
]
}
]Related
prion
prion
Authentication flaw
2024-01-25 15:15:00
cve
cve
CVE-2024-0879
2024-01-25 15:15:07
nvd
nvd
CVE-2024-0879
2024-01-25 15:15:07
CVSS3
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
EPSS
0
Percentile
14.0%
Related for CVELIST:CVE-2024-0879