Lucene search

K

[email protected]NVD:CVE-2024-5820

HistoryJun 27, 2024 - 7:15 p.m.

CVE-2024-5820

2024-06-2719:15:16

CWE-862

[email protected]

web.nvd.nist.gov

3

authorization

stitionai/devika

cve-2024-5820

7.6 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

LOW

Availability Impact

LOW

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:L

0.0004 Low

EPSS

Percentile

9.1%

Missing Authorization in stitionai/devika

References

huntr.com/bounties/2ba757bf-8ede-445b-b143-2de7769758a6

7.6 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

LOW

Availability Impact

LOW

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:L

0.0004 Low

EPSS

Percentile

9.1%

Related for NVD:CVE-2024-5820

cvelist1 vulnrichment1 cve1