Lucene search
ApacheVULNRICHMENT:CVE-2024-26578HistoryFeb 22, 2024 - 9:28 a.m.
CVE-2024-26578 Apache Answer: Repeated submission at registration created duplicate users with the same name
2024-02-2209:28:15
CWE-362
apache
github.com
4
cve-2024-26578
repeated submission
registration
duplicate users
concurrent execution
shared resource
improper synchronization
race condition
apache answer
upgrade
Concurrent Execution using Shared Resource with Improper Synchronization (‘Race Condition’) vulnerability in Apache Answer.This issue affects Apache Answer: through 1.2.1.
Repeated submission during registration resulted in the registration of the same user. When users register, if they rapidly submit multiple registrations using scripts, it can result in the creation of multiple user accounts simultaneously with the same name.
Users are recommended to upgrade to version [1.2.5], which fixes the issue.
CNA Affected
[
{
"vendor": "Apache Software Foundation",
"product": "Apache Answer",
"versions": [
{
"status": "affected",
"version": "0",
"versionType": "semver",
"lessThanOrEqual": "1.2.1"
}
],
"defaultStatus": "unaffected"
}
]Related
osv
osv
Apache Answer Race Condition vulnerability
2024-02-22 12:30:56
cvelist
cvelist
veracode
veracode
Race Condition
2024-02-23 10:00:01
prion
prion
Race condition
2024-02-22 10:15:00
nvd
nvd
CVE-2024-26578
2024-02-22 10:15:08
github
github
Apache Answer Race Condition vulnerability
2024-02-22 12:30:56
cnvd
cnvd
Apache Answer Competitive Conditions Issue Vulnerability
2024-03-14 00:00:00
cve
cve
CVE-2024-26578
2024-02-22 10:15:08
AI Score
6.9
Confidence
Low
SSVC
Exploitation
none
Automatable
no
Technical Impact
partial
Related for VULNRICHMENT:CVE-2024-26578