Lucene search
K

6 matches found

NVD
NVD
added 2024/01/04 9:15 p.m.30 views

CVE-2024-22047

A race condition exists in Audited 4.0.0 to 5.3.3 that can result in an authenticated user to cause audit log entries to be attributed to another user...

3.1CVSS4AI score0.00494EPSS
Exploits0References6
CVE
CVE
added 2024/01/04 8:32 p.m.96 views

CVE-2024-22047

The CVE-2024-22047 issue concerns the Ruby gem Audited (versions 4.0.0 through 5.3.3) where a race condition can cause audit log entries to be attributed to the wrong user. Connected Red Hat advisory RHSA-2024:2010 notes the same race condition affecting rubygem-audited and highlights risk of mis...

3.1CVSS4.2AI score0.00494EPSS
Exploits0References6Affected Software1
OSV
OSV
added 2024/01/04 8:32 p.m.17 views

CVE-2024-22047 Audited Log Integrity Errors Due to Race Condition

A race condition exists in Audited 4.0.0 to 5.3.3 that can result in an authenticated user to cause audit log entries to be attributed to another user...

3.1CVSS5.9AI score0.00494EPSS
Exploits0References9
ATTACKERKB
ATTACKERKB
added 2023/06/09 6:15 a.m.3 views

CVE-2023-0993

The Shield Security plugin for WordPress is vulnerable to Missing Authorization on the 'theme-plugin-file' AJAX action in versions up to, and including, 17.0.17. This allows authenticated attackers to add arbitrary audit log entries indicating that a theme or plugin has been edited, and is also a...

7.2CVSS6.6AI score0.93046EPSS
Exploits2References4
BDU FSTEC
BDU FSTEC
added 2020/10/14 12:0 a.m.6 views

The vulnerability of the Ignition 8 Gateway industrial automation software lies in the lack of restrictions on audit log entries, allowing a perpetrator to trigger a service failure.

The vulnerability of the Ignition 8 Gateway industrial automation software is related to the lack of restrictions on audit log entries. Exploiting this vulnerability allows a malicious actor to cause service interruptions remotely...

9.4CVSS7.2AI score0.01278EPSS
Exploits0References4Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2020/02/21 5:12 p.m.15 views

Security Bulletin: Financial Transaction Manager for Corporate Payment Services is affected by a potential validation vulnerability (CVE-2019-4519)

Summary IBM Financial Transaction Manager for Corporate Payment Services FTM CPS for Multi-Platform has addressed the following vulnerability. A potential validation vulnerability does not properly validate input which could allow an authenticated user prevent audit log entries. Vulnerability...

0.9AI score
Exploits0Affected Software1
Rows per page
Query Builder