Lucene search
Veracode Vulnerability DatabaseVERACODE:45758HistoryMar 05, 2024 - 6:44 a.m.
Authentication Bypass
2024-03-0506:44:11
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
20
github
authentication
bypass
email
verification
vulnerability
software
CVSS3
8.2
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H
AI Score
6.8
Confidence
High
EPSS
0
Percentile
15.5%
github.com/coder/coder/ is vulnerable to Authentication Bypass. The vulnerability is due to inadequate verification of email domains, allowing an attacker to create an account with an unauthorized email.
Related
cve
cve
CVE-2024-27918
2024-03-21 02:52:20
prion
prion
Authentication flaw
2024-03-14 22:53:54
osv
osv
CVE-2024-27918
2024-03-21 02:52:20
Incorrect email domain verification in github.com/coder/coder
2024-03-11 19:00:01
cvelist
cvelist
vulnrichment
vulnrichment
nvd
nvd
CVE-2024-27918
2024-03-21 02:52:20
github
github
CVSS3
8.2
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H
AI Score
6.8
Confidence
High
EPSS
0
Percentile
15.5%
Related for VERACODE:45758