3 matches found
CVE-2024-42490
creationtimestamp| type| source ---|---|--- 2024-08-22 19:23:15+00:00| seen| https://t.me/cvedetector/3934...
CVE-2024-42490 authentik has Insufficient Authorization for several API endpoints
authentik is an open-source Identity Provider. Several API endpoints can be accessed by users without correct authentication/authorization. The main API endpoints affected by this are /api/v3/crypto/certificatekeypairs//viewcertificate/, /api/v3/crypto/certificatekeypairs//viewprivatekey/, and...
CVE-2024-42490
authentik (open-source Identity Provider) exposes certain API endpoints without proper authentication/authorization. Affected endpoints include /api/v3/crypto/certificatekeypairs//view_certificate/, /api/v3/crypto/certificatekeypairs//view_private_key/, and /api/v3/.../used_by/, where access depe...