EUVD-2024-46415

🗓️ 03 Oct 2025 20:07:09Reported by EUVDType

Insecure Direct Object Reference in Looker exposes metadata across authenticated users sharing LookML model

Reporter	Title	Published	Views	Family All 7
CNNVD	Google Cloud Looker 安全漏洞	22 May 202400:00	–	cnnvd
CVE	CVE-2024-5166	22 May 202416:11	–	cve
Cvelist	CVE-2024-5166 Insecure Direct Object Reference In Looker	22 May 202416:11	–	cvelist
NVD	CVE-2024-5166	22 May 202417:16	–	nvd
OSV	CVE-2024-5166	22 May 202417:16	–	osv
Positive Technologies	PT-2024-34804 · Google Cloud · Looker	22 May 202400:00	–	ptsecurity
Vulnrichment	CVE-2024-5166 Insecure Direct Object Reference In Looker	22 May 202416:11	–	vulnrichment

[
  {
    "enisaIdVendor": [
      {
        "id": "c67a3a3e-f424-3948-8508-b648913b5aa9",
        "vendor": {
          "name": "Google Cloud"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "00a25f30-2ba5-3589-b6dc-c5925e93581f",
        "product": {
          "name": "Looker"
        },
        "product_version": "24.20"
      },
      {
        "id": "044573c6-06c4-3268-b08e-3de0dd32ddc5",
        "product": {
          "name": "Looker"
        },
        "product_version": "24.14"
      },
      {
        "id": "0aebbcad-2596-3a76-9d21-a3ef0a8f35f7",
        "product": {
          "name": "Looker"
        },
        "product_version": "24.0"
      },
      {
        "id": "0cee05c7-236d-3255-8a62-7d8245d43146",
        "product": {
          "name": "Looker"
        },
        "product_version": "24.10"
      },
      {
        "id": "5e9ba52a-6187-36de-a593-e1efc5e3029e",
        "product": {
          "name": "Looker"
        },
        "product_version": "24.8"
      },
      {
        "id": "610d588c-46a3-3bd9-81c6-9720dfec6554",
        "product": {
          "name": "Looker"
        },
        "product_version": "24.16"
      },
      {
        "id": "65f21e67-5511-3a70-9b6a-6b7965ca426a",
        "product": {
          "name": "Looker"
        },
        "product_version": "23.18"
      },
      {
        "id": "859749e0-b3f5-329f-8f2c-fe25814c56c1",
        "product": {
          "name": "Looker"
        },
        "product_version": "24.4"
      },
      {
        "id": "99368835-5aed-3922-94e6-686a78ccc89e",
        "product": {
          "name": "Looker"
        },
        "product_version": "24.18"
      },
      {
        "id": "b305db47-580e-3b42-bc24-ca8d8e50d96e",
        "product": {
          "name": "Looker"
        },
        "product_version": "23.20"
      },
      {
        "id": "b583619c-9090-3d7b-a25d-3d665bb4d918",
        "product": {
          "name": "Looker"
        },
        "product_version": "24.6"
      },
      {
        "id": "c1fcd203-090f-3a5c-9aa7-a485faa01205",
        "product": {
          "name": "Looker"
        },
        "product_version": "24.12"
      },
      {
        "id": "da9da571-7a92-3d93-bc0b-c379aaa3de49",
        "product": {
          "name": "Looker"
        },
        "product_version": "24.2"
      }
    ]
  }
]

Source	Link
cloud	www.cloud.google.com/looker/docs/best-practices/query-id-update-instructions

03 Oct 2025 20:07Current

6.6Medium risk

Vulners AI Score6.6

CVSS 3.16.5

EPSS0.00067

SSVC