Lucene search
Veracode Vulnerability DatabaseVERACODE:48617HistoryAug 28, 2024 - 4:19 a.m.
Authentication Bypass
2024-08-2804:19:13
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
6
authentication bypass
flowise
inadequate authentication controls
verify user credentials
unauthenticated attackers
administrator-level api endpoints
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
7.1
Confidence
Low
EPSS
0.006
Percentile
78.6%
flowise is vulnerable to Authentication Bypass. The vulnerability is due to inadequate authentication controls that fail to properly verify user credentials, allowing unauthenticated attackers to access administrator-level API endpoints.
Related
osv
osv
Flowise Authentication Bypass vulnerability
2024-08-27 15:32:49
CVE-2024-8181
2024-08-27 13:15:06
cvelist
cvelist
CVE-2024-8181 Flowise Authentication Bypass
2024-08-27 13:10:40
github
github
Flowise Authentication Bypass vulnerability
2024-08-27 15:32:49
nvd
nvd
CVE-2024-8181
2024-08-27 13:15:06
vulnrichment
vulnrichment
CVE-2024-8181 Flowise Authentication Bypass
2024-08-27 13:10:40
cve
cve
CVE-2024-8181
2024-08-27 13:15:06
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
7.1
Confidence
Low
EPSS
0.006
Percentile
78.6%
Related for VERACODE:48617