Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2025/02/05 8:36 a.m.5 views

CVE-2024-47183

Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. If the Parse Server option allowCustomObjectId: true is set, an attacker that is allowed to create a new user can set a custom object ID for that new user that exploits the vulnerability and...

8.1CVSS6.6AI score0.0042EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/10/04 3:6 p.m.14 views

CVE-2024-47183 Parse Server's custom object ID allows to acquire role privileges

Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. If the Parse Server option allowCustomObjectId: true is set, an attacker that is allowed to create a new user can set a custom object ID for that new user that exploits the vulnerability and...

8.1CVSS6.6AI score0.0042EPSS
Exploits0References5
CVE
CVE
added 2024/10/04 3:6 p.m.56 views

CVE-2024-47183

Summary: Parse Server vulnerability CVE-2024-47183 arises when allowCustomObjectId: true is enabled. An attacker allowed to create a new user can set a custom object ID and thereby acquire privileges of a specific role. This is mitigated by fixed versions 6.5.9 and 7.3.0. What’s affected: Parse S...

8.1CVSS7.8AI score0.0042EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2024/10/04 3:6 p.m.24 views

CVE-2024-47183 Parse Server's custom object ID allows to acquire role privileges

Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. If the Parse Server option allowCustomObjectId: true is set, an attacker that is allowed to create a new user can set a custom object ID for that new user that exploits the vulnerability and...

8.1CVSS0.0042EPSS
Exploits0References5
Rows per page
Query Builder