6 matches found
CVE-2024-22047
A race condition exists in Audited 4.0.0 to 5.3.3 that can result in an authenticated user to cause audit log entries to be attributed to another user...
CVE-2024-22047
The CVE-2024-22047 issue concerns the Ruby gem Audited (versions 4.0.0 through 5.3.3) where a race condition can cause audit log entries to be attributed to the wrong user. Connected Red Hat advisory RHSA-2024:2010 notes the same race condition affecting rubygem-audited and highlights risk of mis...
CVE-2024-22047 Audited Log Integrity Errors Due to Race Condition
A race condition exists in Audited 4.0.0 to 5.3.3 that can result in an authenticated user to cause audit log entries to be attributed to another user...
CVE-2023-0993
The Shield Security plugin for WordPress is vulnerable to Missing Authorization on the 'theme-plugin-file' AJAX action in versions up to, and including, 17.0.17. This allows authenticated attackers to add arbitrary audit log entries indicating that a theme or plugin has been edited, and is also a...
The vulnerability of the Ignition 8 Gateway industrial automation software lies in the lack of restrictions on audit log entries, allowing a perpetrator to trigger a service failure.
The vulnerability of the Ignition 8 Gateway industrial automation software is related to the lack of restrictions on audit log entries. Exploiting this vulnerability allows a malicious actor to cause service interruptions remotely...
Security Bulletin: Financial Transaction Manager for Corporate Payment Services is affected by a potential validation vulnerability (CVE-2019-4519)
Summary IBM Financial Transaction Manager for Corporate Payment Services FTM CPS for Multi-Platform has addressed the following vulnerability. A potential validation vulnerability does not properly validate input which could allow an authenticated user prevent audit log entries. Vulnerability...