Lucene search
+L

6 matches found

RedhatCVE
RedhatCVE
added 2025/02/05 2:23 a.m.7 views

CVE-2024-24825

DIRAC is a distributed resource framework. In affected versions any user could get a token that has been requested by another user/agent. This may expose resources to unintended parties. This issue has been addressed in release version 8.0.37. Users are advised to upgrade. There are no known...

9.1CVSS9AI score0.00534EPSS
Exploits0References1
NVD
NVD
added 2024/02/09 12:15 a.m.26 views

CVE-2024-24825

DIRAC is a distributed resource framework. In affected versions any user could get a token that has been requested by another user/agent. This may expose resources to unintended parties. This issue has been addressed in release version 8.0.37. Users are advised to upgrade. There are no known...

9.1CVSS9.1AI score0.00534EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/02/08 11:39 p.m.1 views

CVE-2024-24825 TokenManager not checking permissions on cached tokens in DIRAC

DIRAC is a distributed resource framework. In affected versions any user could get a token that has been requested by another user/agent. This may expose resources to unintended parties. This issue has been addressed in release version 8.0.37. Users are advised to upgrade. There are no known...

9.1CVSS7AI score0.00534EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/02/08 11:39 p.m.38 views

CVE-2024-24825 TokenManager not checking permissions on cached tokens in DIRAC

DIRAC is a distributed resource framework. In affected versions any user could get a token that has been requested by another user/agent. This may expose resources to unintended parties. This issue has been addressed in release version 8.0.37. Users are advised to upgrade. There are no known...

9.1CVSS9.3AI score0.00534EPSS
Exploits0References2
CVE
CVE
added 2024/02/08 11:39 p.m.54 views

CVE-2024-24825

DIRAC’s TokenManager vulnerability (CVE-2024-24825) affects DIRAC before version 8.0.37, allowing any user to obtain a token requested by another user/agent and potentially expose resources. The issue is fixed in 8.0.37; upg rade to that release. Other sources (GitHub advisory GHSA-59qj-jcjv-662j...

9.1CVSS7.3AI score0.00534EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2024/02/08 11:39 p.m.88 views

CVE-2024-24825 TokenManager not checking permissions on cached tokens in DIRAC

DIRAC is a distributed resource framework. In affected versions any user could get a token that has been requested by another user/agent. This may expose resources to unintended parties. This issue has been addressed in release version 8.0.37. Users are advised to upgrade. There are no known...

9.1CVSS7.7AI score0.00534EPSS
Exploits0References4
Rows per page
Query Builder