Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 10:33 a.m.9 views

CVE-2024-6582

A broken access control vulnerability exists in the latest version of lunary-ai/lunary. The saml.ts file allows a user from one organization to update the Identity Provider IDP settings and view the SSO metadata of another organization. This vulnerability can lead to unauthorized access and...

6.5CVSS6.7AI score0.00417EPSS
Exploits1References1
OSV
OSV
added 2024/09/13 5:15 p.m.14 views

CVE-2024-6582

A broken access control vulnerability exists in the latest version of lunary-ai/lunary. The saml.ts file allows a user from one organization to update the Identity Provider IDP settings and view the SSO metadata of another organization. This vulnerability can lead to unauthorized access and...

4.3CVSS6.6AI score0.00417EPSS
Exploits1References2
CVE
CVE
added 2024/09/13 4:11 p.m.53 views

CVE-2024-6582

CVE-2024-6582 describes a broken access control in lunary-ai/lunary where the saml.ts component allows a user from one organization to modify IDP settings and view SSO metadata of another organization, potentially enabling unauthorized access and account takeover if a target email is known. This ...

6.5CVSS4.9AI score0.00417EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2024/09/13 4:11 p.m.17 views

CVE-2024-6582 Broken Access Control in lunary-ai/lunary

A broken access control vulnerability exists in the latest version of lunary-ai/lunary. The saml.ts file allows a user from one organization to update the Identity Provider IDP settings and view the SSO metadata of another organization. This vulnerability can lead to unauthorized access and...

6.5CVSS0.00417EPSS
Exploits1References2
Rows per page
Query Builder