5 matches found
CVE-2024-2213
An issue was discovered in zenml-io/zenml versions up to and including 0.55.4. Due to improper authentication mechanisms, an attacker with access to an active user session can change the account password without needing to know the current password. This vulnerability allows for unauthorized...
ZenML < 0.56.3 Vulnerability - CVE-2024-2213
The version of ZenML installed on the remote host is prior to 0.56.3. It is, therefore, affected by an improper authentication mechanisms. An attacker with access to an active user session can change the account password without needing to know the current password. This vulnerability allows for...
CVE-2024-2213
An issue was discovered in zenml-io/zenml versions up to and including 0.55.4. Due to improper authentication mechanisms, an attacker with access to an active user session can change the account password without needing to know the current password. This vulnerability allows for unauthorized...
CVE-2024-2213 Improper Authentication in zenml-io/zenml
An issue was discovered in zenml-io/zenml versions up to and including 0.55.4. Due to improper authentication mechanisms, an attacker with access to an active user session can change the account password without needing to know the current password. This vulnerability allows for unauthorized...
CVE-2024-2213
CVE-2024-2213 affects zenml-io/zenml up to and including 0.55.4. The root cause is improper authentication that lets an attacker with an active session change a user’s password without the current password, enabling unauthorized account takeover. The issue has been fixed in version 0.56.3. In pub...