Lucene search
K

5 matches found

RedhatCVE
RedhatCVE
added 2025/02/05 4:0 a.m.7 views

CVE-2024-54151

Directus is a real-time API and App dashboard for managing SQL database content. Starting in version 11.0.0 and prior to version 11.3.0, when setting WEBSOCKETSGRAPHQLAUTH or WEBSOCKETSRESTAUTH to "public", an unauthenticated user is able to do any of the supported operations CRUD, subscriptions...

7.5CVSS7.5AI score0.00588EPSS
Exploits1References1
NVD
NVD
added 2024/12/09 9:15 p.m.24 views

CVE-2024-54151

Directus is a real-time API and App dashboard for managing SQL database content. Starting in version 11.0.0 and prior to version 11.3.0, when setting WEBSOCKETSGRAPHQLAUTH or WEBSOCKETSRESTAUTH to "public", an unauthenticated user is able to do any of the supported operations CRUD, subscriptions...

7.5CVSS0.00588EPSS
Exploits1References2
CVE
CVE
added 2024/12/09 8:57 p.m.122 views

CVE-2024-54151

Directus vulnerability CVE-2024-54151 affects Directus real-time API/admin dashboard. From version 11.0.0 up to, but not including, 11.3.0, configuring WEBSOCKETS_GRAPHQL_AUTH or WEBSOCKETS_REST_AUTH to "public" allows unauthenticated users to perform any supported operations (CRUD, subscriptions...

7.5CVSS8.1AI score0.00588EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2024/12/09 8:57 p.m.44 views

CVE-2024-54151 Directus allows unauthenticated access to WebSocket events and operations

Directus is a real-time API and App dashboard for managing SQL database content. Starting in version 11.0.0 and prior to version 11.3.0, when setting WEBSOCKETSGRAPHQLAUTH or WEBSOCKETSRESTAUTH to "public", an unauthenticated user is able to do any of the supported operations CRUD, subscriptions...

7.5CVSS0.00588EPSS
Exploits1References2
OSV
OSV
added 2024/12/09 8:57 p.m.11 views

CVE-2024-54151 Directus allows unauthenticated access to WebSocket events and operations

Directus is a real-time API and App dashboard for managing SQL database content. Starting in version 11.0.0 and prior to version 11.3.0, when setting WEBSOCKETSGRAPHQLAUTH or WEBSOCKETSRESTAUTH to "public", an unauthenticated user is able to do any of the supported operations CRUD, subscriptions...

7.5CVSS7.2AI score0.00588EPSS
Exploits1References4
Rows per page
Query Builder