Lucene search
ApacheCVELIST:CVE-2024-36264HistoryJun 12, 2024 - 2:06 p.m.
CVE-2024-36264 Apache Submarine Commons Utils: default secret
2024-06-1214:06:31
CWE-287
apache
www.cve.org
8
cve-2024-36264
apache submarine commons utils
default secret
improper authentication
retired project
unsupported
restrict access
EPSS
0.008
Percentile
82.3%
UNSUPPORTED WHEN ASSIGNED Improper Authentication vulnerability in Apache Submarine Commons Utils.
This issue affects Apache Submarine Commons Utils: from 0.8.0.
As this project is retired, we do not plan to release a version that fixes this issue. Users are recommended to find an alternative or restrict access to the instance to trusted users.
NOTE: This vulnerability only affects products that are no longer supported by the maintainer.
CNA Affected
[
{
"collectionURL": "https://repo.maven.apache.org/maven2",
"defaultStatus": "unaffected",
"packageName": "org.apache.submarine:submarine-commons-utils",
"product": "Apache Submarine Commons Utils",
"vendor": "Apache Software Foundation",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0.8.0",
"versionType": "semver"
}
]
}
]Related
vulnrichment
vulnrichment
CVE-2024-36264 Apache Submarine Commons Utils: default secret
2024-06-12 14:06:31
veracode
veracode
Improper Authentication
2024-06-13 05:43:37
osv
osv
Apache Submarine Commons Utils has a hard-coded secret
2024-06-12 15:31:44
nvd
nvd
CVE-2024-36264
2024-06-12 14:15:11
github
github
Apache Submarine Commons Utils has a hard-coded secret
2024-06-12 15:31:44
cve
cve
CVE-2024-36264
2024-06-12 14:15:11