Zitadel@2.62.0 Security Vulnerabilities and Issues — Zitadel@2.62.0 CVE List

Lucene search

ZitadelZitadel2.62.0

3 matches found

CVE•added 2024/09/20 12:15 a.m.•67 views

CVE-2024-46999

Zitadel is an open source identity management platform. ZITADEL's user grants deactivation mechanism did not work correctly. Deactivated user grants were still provided in token, which could lead to unauthorized access to applications and resources. Additionally, the management and auth API always ...

7.3CVSS6.8AI score0.00114EPSS

CVE•added 2024/09/20 12:15 a.m.•47 views

CVE-2024-47000

Zitadel is an open source identity management platform. ZITADEL's user account deactivation mechanism did not work correctly with service accounts. Deactivated service accounts retained the ability to request tokens, which could lead to unauthorized access to applications and resources. Versions 2....

8.1CVSS8AI score0.00118EPSS

CVE•added 2024/09/20 12:15 a.m.•41 views

CVE-2024-47060

Zitadel is an open source identity management platform. In Zitadel, even after an organization is deactivated, associated projects, respectively their applications remain active. Users across other organizations can still log in and access through these applications, leading to unauthorized access....

6.5CVSS4.8AI score0.00048EPSS