3 matches found
CVE-2024-6895
Insufficient authentication in user account management in Yugabyte Platform allows local network attackers with a compromised user session to change critical security information without re-authentication. An attacker with user session and access to application can modify settings such as passwor...
CVE-2024-6895 Insecure Account Profile Management
Insufficient authentication in user account management in Yugabyte Platform allows local network attackers with a compromised user session to change critical security information without re-authentication. An attacker with user session and access to application can modify settings such as passwor...
CVE-2024-6895
CVE-2024-6895 affects Yugabyte Platform: Insufficient authentication in user account management could allow a local-network attacker with a compromised session to change critical security settings (e.g., password, email) without re-authenticating, enabling account takeover. Exploitation details a...