CWE-837
Improper Enforcement of a Single, Unique Action
The product requires that an actor should only be able to perform an action once, or to have only one unique action, but the product does not enforce or improperly enforces this restriction.
CVE-2023-5313 (GCVE-0-2023-5313)
Vulnerability from cvelistv5
Published
2023-09-30 15:00
Modified
2024-09-20 16:23
Severity ?
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
5.3 (Medium) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
5.3 (Medium) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
VLAI Severity ?
EPSS score ?
CWE
- CWE-837 - Improper Enforcement of a Single, Unique Action
Summary
A vulnerability classified as problematic was found in phpkobo Ajax Poll Script 3.18. Affected by this vulnerability is an unknown functionality of the file ajax-poll.php of the component Poll Handler. The manipulation leads to improper enforcement of a single, unique action. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-240949 was assigned to this vulnerability.
References
► | URL | Tags | |||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
|
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
phpkobo | Ajax Poll Script |
Version: 3.18 |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T07:52:08.552Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "vdb-entry", "technical-description", "x_transferred" ], "url": "https://vuldb.com/?id.240949" }, { "tags": [ "signature", "permissions-required", "x_transferred" ], "url": "https://vuldb.com/?ctiid.240949" }, { "tags": [ "exploit", "x_transferred" ], "url": "https://github.com/tht1997/WhiteBox/blob/main/PHPKOBO/ajax_pool_script.md" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2023-5313", "options": [ { "Exploitation": "poc" }, { "Automatable": "yes" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-09-20T16:22:16.577180Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-09-20T16:23:23.775Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "modules": [ "Poll Handler" ], "product": "Ajax Poll Script", "vendor": "phpkobo", "versions": [ { "status": "affected", "version": "3.18" } ] } ], "credits": [ { "lang": "en", "type": "analyst", "value": "huutuanbg97 (VulDB User)" } ], "descriptions": [ { "lang": "en", "value": "A vulnerability classified as problematic was found in phpkobo Ajax Poll Script 3.18. Affected by this vulnerability is an unknown functionality of the file ajax-poll.php of the component Poll Handler. The manipulation leads to improper enforcement of a single, unique action. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-240949 was assigned to this vulnerability." }, { "lang": "de", "value": "In phpkobo Ajax Poll Script 3.18 wurde eine problematische Schwachstelle entdeckt. Hierbei betrifft es unbekannten Programmcode der Datei ajax-poll.php der Komponente Poll Handler. Mittels dem Manipulieren mit unbekannten Daten kann eine improper enforcement of a single, unique action-Schwachstelle ausgenutzt werden. Umgesetzt werden kann der Angriff \u00fcber das Netzwerk. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung." } ], "metrics": [ { "cvssV3_1": { "baseScore": 5.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.1" } }, { "cvssV3_0": { "baseScore": 5.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.0" } }, { "cvssV2_0": { "baseScore": 5, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-837", "description": "CWE-837 Improper Enforcement of a Single, Unique Action", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-10-25T05:05:30.194Z", "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "shortName": "VulDB" }, "references": [ { "tags": [ "vdb-entry", "technical-description" ], "url": "https://vuldb.com/?id.240949" }, { "tags": [ "signature", "permissions-required" ], "url": "https://vuldb.com/?ctiid.240949" }, { "tags": [ "exploit" ], "url": "https://github.com/tht1997/WhiteBox/blob/main/PHPKOBO/ajax_pool_script.md" } ], "timeline": [ { "lang": "en", "time": "2023-09-29T00:00:00.000Z", "value": "Advisory disclosed" }, { "lang": "en", "time": "2023-09-29T00:00:00.000Z", "value": "CVE reserved" }, { "lang": "en", "time": "2023-09-29T02:00:00.000Z", "value": "VulDB entry created" }, { "lang": "en", "time": "2023-10-22T18:11:32.000Z", "value": "VulDB entry last update" } ], "title": "phpkobo Ajax Poll Script ajax-poll.php improper enforcement of a single, unique action" } }, "cveMetadata": { "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "assignerShortName": "VulDB", "cveId": "CVE-2023-5313", "datePublished": "2023-09-30T15:00:04.962Z", "dateReserved": "2023-09-29T20:28:22.069Z", "dateUpdated": "2024-09-20T16:23:23.775Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2023-6438 (GCVE-0-2023-6438)
Vulnerability from cvelistv5
Published
2023-11-30 17:00
Modified
2024-08-02 08:28
Severity ?
4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
4.3 (Medium) - CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
4.3 (Medium) - CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
VLAI Severity ?
EPSS score ?
CWE
- CWE-837 - Improper Enforcement of a Single, Unique Action
Summary
A vulnerability classified as problematic has been found in Thecosy IceCMS 2.0.1. Affected is an unknown function of the file /WebArticle/articles/ of the component Like Handler. The manipulation leads to improper enforcement of a single, unique action. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-246438 is the identifier assigned to this vulnerability.
References
► | URL | Tags | |||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T08:28:21.833Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "vdb-entry", "x_transferred" ], "url": "https://vuldb.com/?id.246438" }, { "tags": [ "signature", "permissions-required", "x_transferred" ], "url": "https://vuldb.com/?ctiid.246438" }, { "tags": [ "exploit", "x_transferred" ], "url": "http://124.71.147.32:8082" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "modules": [ "Like Handler" ], "product": "IceCMS", "vendor": "Thecosy", "versions": [ { "status": "affected", "version": "2.0.1" } ] } ], "credits": [ { "lang": "en", "type": "analyst", "value": "YuJiu (VulDB User)" } ], "descriptions": [ { "lang": "en", "value": "A vulnerability classified as problematic has been found in Thecosy IceCMS 2.0.1. Affected is an unknown function of the file /WebArticle/articles/ of the component Like Handler. The manipulation leads to improper enforcement of a single, unique action. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-246438 is the identifier assigned to this vulnerability." }, { "lang": "de", "value": "Es wurde eine problematische Schwachstelle in Thecosy IceCMS 2.0.1 entdeckt. Dabei betrifft es einen unbekannter Codeteil der Datei /WebArticle/articles/ der Komponente Like Handler. Mittels dem Manipulieren mit unbekannten Daten kann eine improper enforcement of a single, unique action-Schwachstelle ausgenutzt werden. Die Umsetzung des Angriffs kann dabei \u00fcber das Netzwerk erfolgen. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung." } ], "metrics": [ { "cvssV3_1": { "baseScore": 4.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", "version": "3.1" } }, { "cvssV3_0": { "baseScore": 4.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", "version": "3.0" } }, { "cvssV2_0": { "baseScore": 4, "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N", "version": "2.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-837", "description": "CWE-837 Improper Enforcement of a Single, Unique Action", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-12-01T16:33:05.014Z", "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "shortName": "VulDB" }, "references": [ { "tags": [ "vdb-entry" ], "url": "https://vuldb.com/?id.246438" }, { "tags": [ "signature", "permissions-required" ], "url": "https://vuldb.com/?ctiid.246438" }, { "tags": [ "exploit" ], "url": "http://124.71.147.32:8082" } ], "timeline": [ { "lang": "en", "time": "2023-11-30T00:00:00.000Z", "value": "Advisory disclosed" }, { "lang": "en", "time": "2023-11-30T01:00:00.000Z", "value": "VulDB entry created" }, { "lang": "en", "time": "2023-12-01T17:37:57.000Z", "value": "VulDB entry last update" } ], "title": "Thecosy IceCMS Like improper enforcement of a single, unique action" } }, "cveMetadata": { "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "assignerShortName": "VulDB", "cveId": "CVE-2023-6438", "datePublished": "2023-11-30T17:00:08.337Z", "dateReserved": "2023-11-30T12:36:05.191Z", "dateUpdated": "2024-08-02T08:28:21.833Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2023-6467 (GCVE-0-2023-6467)
Vulnerability from cvelistv5
Published
2023-12-02 14:00
Modified
2024-08-02 08:28
Severity ?
3.1 (Low) - CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N
3.1 (Low) - CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N
3.1 (Low) - CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N
VLAI Severity ?
EPSS score ?
CWE
- CWE-837 - Improper Enforcement of a Single, Unique Action
Summary
A vulnerability was found in Thecosy IceCMS 2.0.1. It has been rated as problematic. This issue affects some unknown processing of the file /Websquare/likeClickComment/ of the component Comment Like Handler. The manipulation leads to improper enforcement of a single, unique action. The attack may be initiated remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used. The identifier VDB-246617 was assigned to this vulnerability.
References
► | URL | Tags | |||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T08:28:21.869Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "vdb-entry", "x_transferred" ], "url": "https://vuldb.com/?id.246617" }, { "tags": [ "signature", "permissions-required", "x_transferred" ], "url": "https://vuldb.com/?ctiid.246617" }, { "tags": [ "exploit", "x_transferred" ], "url": "http://39.106.130.187/wenjian/2.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "modules": [ "Comment Like Handler" ], "product": "IceCMS", "vendor": "Thecosy", "versions": [ { "status": "affected", "version": "2.0.1" } ] } ], "credits": [ { "lang": "en", "type": "analyst", "value": "zero121 (VulDB User)" } ], "descriptions": [ { "lang": "en", "value": "A vulnerability was found in Thecosy IceCMS 2.0.1. It has been rated as problematic. This issue affects some unknown processing of the file /Websquare/likeClickComment/ of the component Comment Like Handler. The manipulation leads to improper enforcement of a single, unique action. The attack may be initiated remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used. The identifier VDB-246617 was assigned to this vulnerability." }, { "lang": "de", "value": "Eine Schwachstelle wurde in Thecosy IceCMS 2.0.1 ausgemacht. Sie wurde als problematisch eingestuft. Dies betrifft einen unbekannten Teil der Datei /Websquare/likeClickComment/ der Komponente Comment Like Handler. Durch Manipulieren mit unbekannten Daten kann eine improper enforcement of a single, unique action-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk passieren. Die Komplexit\u00e4t eines Angriffs ist eher hoch. Die Ausnutzbarkeit gilt als schwierig. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung." } ], "metrics": [ { "cvssV3_1": { "baseScore": 3.1, "baseSeverity": "LOW", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N", "version": "3.1" } }, { "cvssV3_0": { "baseScore": 3.1, "baseSeverity": "LOW", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N", "version": "3.0" } }, { "cvssV2_0": { "baseScore": 2.1, "vectorString": "AV:N/AC:H/Au:S/C:N/I:P/A:N", "version": "2.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-837", "description": "CWE-837 Improper Enforcement of a Single, Unique Action", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-12-02T14:00:05.493Z", "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "shortName": "VulDB" }, "references": [ { "tags": [ "vdb-entry" ], "url": "https://vuldb.com/?id.246617" }, { "tags": [ "signature", "permissions-required" ], "url": "https://vuldb.com/?ctiid.246617" }, { "tags": [ "exploit" ], "url": "http://39.106.130.187/wenjian/2.html" } ], "timeline": [ { "lang": "en", "time": "2023-12-01T00:00:00.000Z", "value": "Advisory disclosed" }, { "lang": "en", "time": "2023-12-01T01:00:00.000Z", "value": "VulDB entry created" }, { "lang": "en", "time": "2023-12-01T17:47:59.000Z", "value": "VulDB entry last update" } ], "title": "Thecosy IceCMS Comment Like improper enforcement of a single, unique action" } }, "cveMetadata": { "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "assignerShortName": "VulDB", "cveId": "CVE-2023-6467", "datePublished": "2023-12-02T14:00:05.493Z", "dateReserved": "2023-12-01T16:42:41.193Z", "dateUpdated": "2024-08-02T08:28:21.869Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2023-6759 (GCVE-0-2023-6759)
Vulnerability from cvelistv5
Published
2023-12-13 15:00
Modified
2024-10-08 14:28
Severity ?
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
5.3 (Medium) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
5.3 (Medium) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
VLAI Severity ?
EPSS score ?
CWE
- CWE-837 - Improper Enforcement of a Single, Unique Action
Summary
A vulnerability classified as problematic has been found in Thecosy IceCMS 2.0.1. This affects an unknown part of the file /WebResource/resource of the component Love Handler. The manipulation leads to improper enforcement of a single, unique action. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-247887.
References
► | URL | Tags | |||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T08:42:07.643Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "vdb-entry", "x_transferred" ], "url": "https://vuldb.com/?id.247887" }, { "tags": [ "signature", "permissions-required", "x_transferred" ], "url": "https://vuldb.com/?ctiid.247887" }, { "tags": [ "exploit", "x_transferred" ], "url": "http://39.106.130.187/Icecms.html" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2023-6759", "options": [ { "Exploitation": "none" }, { "Automatable": "yes" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-10-08T14:28:14.400482Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-10-08T14:28:28.389Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "modules": [ "Love Handler" ], "product": "IceCMS", "vendor": "Thecosy", "versions": [ { "status": "affected", "version": "2.0.1" } ] } ], "credits": [ { "lang": "en", "type": "analyst", "value": "Qson (VulDB User)" } ], "descriptions": [ { "lang": "en", "value": "A vulnerability classified as problematic has been found in Thecosy IceCMS 2.0.1. This affects an unknown part of the file /WebResource/resource of the component Love Handler. The manipulation leads to improper enforcement of a single, unique action. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-247887." }, { "lang": "de", "value": "Es wurde eine Schwachstelle in Thecosy IceCMS 2.0.1 entdeckt. Sie wurde als problematisch eingestuft. Es geht dabei um eine nicht klar definierte Funktion der Datei /WebResource/resource der Komponente Love Handler. Mit der Manipulation mit unbekannten Daten kann eine improper enforcement of a single, unique action-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk passieren. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung." } ], "metrics": [ { "cvssV3_1": { "baseScore": 5.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.1" } }, { "cvssV3_0": { "baseScore": 5.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.0" } }, { "cvssV2_0": { "baseScore": 5, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-837", "description": "CWE-837 Improper Enforcement of a Single, Unique Action", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-12-13T15:00:05.420Z", "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "shortName": "VulDB" }, "references": [ { "tags": [ "vdb-entry" ], "url": "https://vuldb.com/?id.247887" }, { "tags": [ "signature", "permissions-required" ], "url": "https://vuldb.com/?ctiid.247887" }, { "tags": [ "exploit" ], "url": "http://39.106.130.187/Icecms.html" } ], "timeline": [ { "lang": "en", "time": "2023-12-13T00:00:00.000Z", "value": "Advisory disclosed" }, { "lang": "en", "time": "2023-12-13T01:00:00.000Z", "value": "VulDB entry created" }, { "lang": "en", "time": "2023-12-13T08:45:21.000Z", "value": "VulDB entry last update" } ], "title": "Thecosy IceCMS Love resource improper enforcement of a single, unique action" } }, "cveMetadata": { "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "assignerShortName": "VulDB", "cveId": "CVE-2023-6759", "datePublished": "2023-12-13T15:00:05.420Z", "dateReserved": "2023-12-13T07:39:55.340Z", "dateUpdated": "2024-10-08T14:28:28.389Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2024-11301 (GCVE-0-2024-11301)
Vulnerability from cvelistv5
Published
2025-03-20 10:10
Modified
2025-03-20 14:42
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-837 - Improper Enforcement of a Single, Unique Action
Summary
In lunary-ai/lunary before version 1.6.3, the application allows the creation of evaluators without enforcing a unique constraint on the combination of projectId and slug. This allows an attacker to overwrite existing data by submitting a POST request with the same slug as an existing evaluator. The lack of database constraints or application-layer validation to prevent duplicates exposes the application to data integrity issues. This vulnerability can result in corrupted data and potentially malicious actions, impairing the system's functionality.
References
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
lunary-ai | lunary-ai/lunary |
Version: unspecified < 1.6.3 |
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2024-11301", "options": [ { "Exploitation": "poc" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2025-03-20T14:42:14.703387Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2025-03-20T14:42:18.450Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "lunary-ai/lunary", "vendor": "lunary-ai", "versions": [ { "lessThan": "1.6.3", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "In lunary-ai/lunary before version 1.6.3, the application allows the creation of evaluators without enforcing a unique constraint on the combination of projectId and slug. This allows an attacker to overwrite existing data by submitting a POST request with the same slug as an existing evaluator. The lack of database constraints or application-layer validation to prevent duplicates exposes the application to data integrity issues. This vulnerability can result in corrupted data and potentially malicious actions, impairing the system\u0027s functionality." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-837", "description": "CWE-837 Improper Enforcement of a Single, Unique Action", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2025-03-20T10:10:00.614Z", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntr_ai" }, "references": [ { "url": "https://huntr.com/bounties/3d99aca5-b135-4833-b48b-7806bc4bf861" }, { "url": "https://github.com/lunary-ai/lunary/commit/79dc370596d979b756f6ea0250d97a2d02385ecd" } ], "source": { "advisory": "3d99aca5-b135-4833-b48b-7806bc4bf861", "discovery": "EXTERNAL" }, "title": "Improper Enforcement of Unique Constraint in lunary-ai/lunary" } }, "cveMetadata": { "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntr_ai", "cveId": "CVE-2024-11301", "datePublished": "2025-03-20T10:10:00.614Z", "dateReserved": "2024-11-16T09:16:02.939Z", "dateUpdated": "2025-03-20T14:42:18.450Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2024-11716 (GCVE-0-2024-11716)
Vulnerability from cvelistv5
Published
2025-01-02 16:07
Modified
2025-01-02 17:34
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-837 - Improper Enforcement of a Single, Unique Action
Summary
While assignment of a user to a team (bracket) in CTFd should be possible only once, at the registration, a flaw in logic implementation allows an authenticated user to reset it's bracket and then pick a new one, joining another team while a competition is already ongoing.
This issue impacts releases from 3.7.0 up to 3.7.4 and was addressed by pull request 2636 https://github.com/CTFd/CTFd/pull/2636 included in 3.7.5 release.
References
► | URL | Tags | |||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2024-11716", "options": [ { "Exploitation": "poc" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2025-01-02T17:34:30.679929Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2025-01-02T17:34:54.872Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "references": [ { "tags": [ "exploit" ], "url": "https://seclists.org/fulldisclosure/2024/Dec/21" } ], "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "CTFd", "repo": "https://github.com/CTFd/CTFd", "vendor": "CTFd", "versions": [ { "lessThanOrEqual": "3.7.4", "status": "affected", "version": "3.7.0", "versionType": "git" } ] } ], "credits": [ { "lang": "en", "type": "finder", "value": "B\u0142a\u017cej Adamczyk (efigo.pl)" } ], "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "While assignment of a user to a team (bracket) in\u0026nbsp;\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eCTFd \u003c/span\u003e should be possible only once, at the registration, a flaw in logic implementation allows an authenticated user to reset it\u0027s bracket and then pick a new one, joining another team while a competition is already ongoing.\u003cbr\u003eThis issue impacts releases from 3.7.0 up to 3.7.4 and was addressed by \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://github.com/CTFd/CTFd/pull/2636\"\u003epull request 2636\u003c/a\u003e\u0026nbsp;included in 3.7.5 release." } ], "value": "While assignment of a user to a team (bracket) in\u00a0CTFd should be possible only once, at the registration, a flaw in logic implementation allows an authenticated user to reset it\u0027s bracket and then pick a new one, joining another team while a competition is already ongoing.\nThis issue impacts releases from 3.7.0 up to 3.7.4 and was addressed by pull request 2636 https://github.com/CTFd/CTFd/pull/2636 \u00a0included in 3.7.5 release." } ], "metrics": [ { "cvssV4_0": { "Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "baseScore": 5.3, "baseSeverity": "MEDIUM", "privilegesRequired": "LOW", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N", "version": "4.0", "vulnAvailabilityImpact": "NONE", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "LOW", "vulnerabilityResponseEffort": "NOT_DEFINED" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-837", "description": "CWE-837 Improper Enforcement of a Single, Unique Action", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2025-01-02T16:07:46.868Z", "orgId": "4bb8329e-dd38-46c1-aafb-9bf32bcb93c6", "shortName": "CERT-PL" }, "references": [ { "tags": [ "patch" ], "url": "https://github.com/CTFd/CTFd/pull/2636" }, { "tags": [ "third-party-advisory" ], "url": "https://cert.pl/en/posts/2025/01/CVE-2024-11716" }, { "tags": [ "product" ], "url": "https://ctfd.io/" }, { "tags": [ "vendor-advisory" ], "url": "https://blog.ctfd.io/ctfd-3-7-5/" }, { "tags": [ "mailing-list", "exploit" ], "url": "https://seclists.org/fulldisclosure/2024/Dec/21" } ], "source": { "discovery": "UNKNOWN" }, "x_generator": { "engine": "Vulnogram 0.2.0" } } }, "cveMetadata": { "assignerOrgId": "4bb8329e-dd38-46c1-aafb-9bf32bcb93c6", "assignerShortName": "CERT-PL", "cveId": "CVE-2024-11716", "datePublished": "2025-01-02T16:07:46.868Z", "dateReserved": "2024-11-25T17:36:38.975Z", "dateUpdated": "2025-01-02T17:34:54.872Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2024-11717 (GCVE-0-2024-11717)
Vulnerability from cvelistv5
Published
2025-01-02 16:08
Modified
2025-01-02 17:33
Severity ?
VLAI Severity ?
EPSS score ?
Summary
Tokens in CTFd used for account activation and password resetting can be used interchangeably for these operations. When used, they are sent to the server as a GET parameter and they are not single use, which means, that during token expiration time an on-path attacker might reuse such a token to change user's password and take over the account. Moreover, the tokens also include base64 encoded user email.
This issue impacts releases up to 3.7.4 and was addressed by pull request 2679 https://github.com/CTFd/CTFd/pull/2679 included in 3.7.5 release.
References
► | URL | Tags | |||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2024-11717", "options": [ { "Exploitation": "poc" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2025-01-02T17:32:55.312090Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2025-01-02T17:33:59.325Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "references": [ { "tags": [ "exploit" ], "url": "https://seclists.org/fulldisclosure/2024/Dec/21" } ], "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "CTFd", "repo": "https://github.com/CTFd/CTFd", "vendor": "CTFd", "versions": [ { "lessThanOrEqual": "3.7.4", "status": "affected", "version": "0", "versionType": "git" } ] } ], "credits": [ { "lang": "en", "type": "finder", "value": "B\u0142a\u017cej Adamczyk (efigo.pl)" } ], "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "\u003cdiv\u003eTokens in CTFd used for account activation and password resetting can be used interchangeably for these operations. When used, they are sent to the server as a GET parameter and they are not single use, which means, that during token expiration time an on-path attacker might reuse such a token to change user\u0027s password and take over the account.\u0026nbsp;Moreover, the tokens also include base64 encoded user email.\u003c/div\u003e\u003cdiv\u003e\u003cdiv\u003eThis issue impacts releases up to 3.7.4 and was addressed by \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://github.com/CTFd/CTFd/pull/2679\"\u003epull request 2679\u003c/a\u003e\u0026nbsp;included in 3.7.5 release.\u003c/div\u003e\u003c/div\u003e\u003cdiv\u003e\u003cbr\u003e\u003c/div\u003e\u003cbr\u003e" } ], "value": "Tokens in CTFd used for account activation and password resetting can be used interchangeably for these operations. When used, they are sent to the server as a GET parameter and they are not single use, which means, that during token expiration time an on-path attacker might reuse such a token to change user\u0027s password and take over the account.\u00a0Moreover, the tokens also include base64 encoded user email.\n\nThis issue impacts releases up to 3.7.4 and was addressed by pull request 2679 https://github.com/CTFd/CTFd/pull/2679 \u00a0included in 3.7.5 release." } ], "metrics": [ { "cvssV4_0": { "Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "PRESENT", "attackVector": "NETWORK", "baseScore": 6.3, "baseSeverity": "MEDIUM", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N", "version": "4.0", "vulnAvailabilityImpact": "NONE", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "LOW", "vulnerabilityResponseEffort": "NOT_DEFINED" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-837", "description": "CWE-837 Improper Enforcement of a Single, Unique Action", "lang": "en", "type": "CWE" } ] }, { "descriptions": [ { "cweId": "CWE-1391", "description": "CWE-1391 Use of Weak Credentials", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2025-01-02T16:08:20.242Z", "orgId": "4bb8329e-dd38-46c1-aafb-9bf32bcb93c6", "shortName": "CERT-PL" }, "references": [ { "tags": [ "third-party-advisory" ], "url": "https://cert.pl/en/posts/2025/01/CVE-2024-11716" }, { "tags": [ "product" ], "url": "https://ctfd.io/" }, { "tags": [ "patch" ], "url": "https://github.com/CTFd/CTFd/pull/2679" }, { "tags": [ "vendor-advisory" ], "url": "https://blog.ctfd.io/ctfd-3-7-5/" }, { "tags": [ "mailing-list", "exploit" ], "url": "https://seclists.org/fulldisclosure/2024/Dec/21" } ], "source": { "discovery": "UNKNOWN" }, "x_generator": { "engine": "Vulnogram 0.2.0" } } }, "cveMetadata": { "assignerOrgId": "4bb8329e-dd38-46c1-aafb-9bf32bcb93c6", "assignerShortName": "CERT-PL", "cveId": "CVE-2024-11717", "datePublished": "2025-01-02T16:08:20.242Z", "dateReserved": "2024-11-25T17:36:39.487Z", "dateUpdated": "2025-01-02T17:33:59.325Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2024-12123 (GCVE-0-2024-12123)
Vulnerability from cvelistv5
Published
2024-12-04 03:26
Modified
2024-12-04 14:09
Severity ?
VLAI Severity ?
EPSS score ?
CWE
Summary
A hidden field manipulation vulnerability was identified in Issuetrak version 17.1 that could be triggered by an authenticated user.
When an authenticated user submits a ticket, the request can be intercepted and subsequently modified by using a proxy. The ticket requester can be changed from the original requester to another user in the same application,
which the application then accepts.
References
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2024-12123", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-12-04T14:05:29.170205Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-12-04T14:09:11.911Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Issuetrak", "vendor": "Issuetrak", "versions": [ { "status": "affected", "version": "Issuetrak 17.1" } ] } ], "credits": [ { "lang": "en", "type": "finder", "value": "Harrison Daley" } ], "datePublic": "2024-12-03T08:00:00.000Z", "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "\u003cspan style=\"background-color: rgb(252, 252, 252);\"\u003eA hidden field manipulation vulnerability was identified in Issuetrak version 17.1 that could be triggered by an authenticated user.\u0026nbsp;\n\nWhen an authenticated user submits a ticket, the request can be intercepted and subsequently modified by using a proxy.\u0026nbsp; The ticket requester can be changed from the original requester to another user in the same application, \nwhich the application then accepts.\n\n\u003c/span\u003e" } ], "value": "A hidden field manipulation vulnerability was identified in Issuetrak version 17.1 that could be triggered by an authenticated user.\u00a0\n\nWhen an authenticated user submits a ticket, the request can be intercepted and subsequently modified by using a proxy.\u00a0 The ticket requester can be changed from the original requester to another user in the same application, \nwhich the application then accepts." } ], "impacts": [ { "capecId": "CAPEC-162", "descriptions": [ { "lang": "en", "value": "CAPEC-162 Manipulating Hidden Fields" } ] } ], "metrics": [ { "cvssV4_0": { "Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "baseScore": 5.3, "baseSeverity": "MEDIUM", "privilegesRequired": "LOW", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N", "version": "4.0", "vulnAvailabilityImpact": "NONE", "vulnConfidentialityImpact": "LOW", "vulnIntegrityImpact": "LOW", "vulnerabilityResponseEffort": "NOT_DEFINED" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-472", "description": "CWE-472: External Control of Assumed-Immutable Web Parameter", "lang": "en", "type": "CWE" } ] }, { "descriptions": [ { "cweId": "CWE-837", "description": "CWE-837 Improper Enforcement of a Single, Unique Action", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-12-04T03:26:00.918Z", "orgId": "b7efe717-a805-47cf-8e9a-921fca0ce0ce", "shortName": "Gridware" }, "references": [ { "url": "https://helpcenter.issuetrak.com/home/2340-issuetrak-release-notes" } ], "solutions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "Ensure the Issuetrak application is updated to version 17.2 or later." } ], "value": "Ensure the Issuetrak application is updated to version 17.2 or later." } ], "source": { "discovery": "UNKNOWN" }, "title": "Unauthorized Modification of Ticket Requester", "x_generator": { "engine": "Vulnogram 0.2.0" } } }, "cveMetadata": { "assignerOrgId": "b7efe717-a805-47cf-8e9a-921fca0ce0ce", "assignerShortName": "Gridware", "cveId": "CVE-2024-12123", "datePublished": "2024-12-04T03:26:00.918Z", "dateReserved": "2024-12-03T23:13:54.977Z", "dateUpdated": "2024-12-04T14:09:11.911Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2024-4629 (GCVE-0-2024-4629)
Vulnerability from cvelistv5
Published
2024-09-03 19:42
Modified
2025-01-28 09:33
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-837 - Improper Enforcement of a Single, Unique Action
Summary
A vulnerability was found in Keycloak. This flaw allows attackers to bypass brute force protection by exploiting the timing of login attempts. By initiating multiple login requests simultaneously, attackers can exceed the configured limits for failed attempts before the system locks them out. This timing loophole enables attackers to make more guesses at passwords than intended, potentially compromising account security on affected systems.
References
► | URL | Tags | |||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
Impacted products
Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
► |
Version: 24.0.3 |
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2024-4629", "options": [ { "Exploitation": "none" }, { "Automatable": "yes" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-09-03T20:20:28.329028Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-09-03T20:20:42.938Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-11-14T16:59:26.284Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "url": "https://security.humanativaspa.it/an-analysis-of-the-keycloak-authentication-system/" }, { "url": "https://github.com/hnsecurity/vulns/blob/main/HNS-2024-09-Keycloak.md" } ], "title": "CVE Program Container", "x_generator": { "engine": "ADPogram 0.0.1" } } ], "cna": { "affected": [ { "collectionURL": "https://github.com/keycloak/keycloak", "packageName": "keycloak", "versions": [ { "status": "affected", "version": "24.0.3" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:build_keycloak:22" ], "defaultStatus": "unaffected", "packageName": "org.keycloak-keycloak-parent", "product": "Red Hat Build of Keycloak", "vendor": "Red Hat" }, { "collectionURL": "https://catalog.redhat.com/software/containers/", "cpes": [ "cpe:/a:redhat:build_keycloak:22::el9" ], "defaultStatus": "affected", "packageName": "rhbk/keycloak-operator-bundle", "product": "Red Hat build of Keycloak 22", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "22.0.12-1", "versionType": "rpm" } ] }, { "collectionURL": "https://catalog.redhat.com/software/containers/", "cpes": [ "cpe:/a:redhat:build_keycloak:22::el9" ], "defaultStatus": "affected", "packageName": "rhbk/keycloak-rhel9", "product": "Red Hat build of Keycloak 22", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "22-17", "versionType": "rpm" } ] }, { "collectionURL": "https://catalog.redhat.com/software/containers/", "cpes": [ "cpe:/a:redhat:build_keycloak:22::el9" ], "defaultStatus": "affected", "packageName": "rhbk/keycloak-rhel9-operator", "product": "Red Hat build of Keycloak 22", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "22-20", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:red_hat_single_sign_on:7.6" ], "defaultStatus": "unaffected", "packageName": "org.keycloak-keycloak-parent", "product": "Red Hat Single Sign-On 7", "vendor": "Red Hat" }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:red_hat_single_sign_on:7.6::el7" ], "defaultStatus": "affected", "packageName": "rh-sso7-keycloak", "product": "Red Hat Single Sign-On 7.6 for RHEL 7", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:18.0.16-1.redhat_00001.1.el7sso", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:red_hat_single_sign_on:7.6::el8" ], "defaultStatus": "affected", "packageName": "rh-sso7-keycloak", "product": "Red Hat Single Sign-On 7.6 for RHEL 8", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:18.0.16-1.redhat_00001.1.el8sso", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:red_hat_single_sign_on:7.6::el9" ], "defaultStatus": "affected", "packageName": "rh-sso7-keycloak", "product": "Red Hat Single Sign-On 7.6 for RHEL 9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:18.0.16-1.redhat_00001.1.el9sso", "versionType": "rpm" } ] }, { "collectionURL": "https://catalog.redhat.com/software/containers/", "cpes": [ "cpe:/a:redhat:rhosemc:1.0::el8" ], "defaultStatus": "affected", "packageName": "rh-sso-7/sso76-openshift-rhel8", "product": "RHEL-8 based Middleware Containers", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "7.6-52", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html", "cpes": [ "cpe:/a:redhat:jboss_enterprise_application_platform:8" ], "defaultStatus": "affected", "packageName": "org.keycloak-keycloak-parent", "product": "Red Hat JBoss Enterprise Application Platform 8", "vendor": "Red Hat" } ], "datePublic": "2024-09-03T19:38:00.000Z", "descriptions": [ { "lang": "en", "value": "A vulnerability was found in Keycloak. This flaw allows attackers to bypass brute force protection by exploiting the timing of login attempts. By initiating multiple login requests simultaneously, attackers can exceed the configured limits for failed attempts before the system locks them out. This timing loophole enables attackers to make more guesses at passwords than intended, potentially compromising account security on affected systems." } ], "metrics": [ { "other": { "content": { "namespace": "https://access.redhat.com/security/updates/classification/", "value": "Low" }, "type": "Red Hat severity rating" } }, { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", "version": "3.1" }, "format": "CVSS" } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-837", "description": "Improper Enforcement of a Single, Unique Action", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2025-01-28T09:33:25.316Z", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "name": "RHSA-2024:6493", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2024:6493" }, { "name": "RHSA-2024:6494", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2024:6494" }, { "name": "RHSA-2024:6495", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2024:6495" }, { "name": "RHSA-2024:6497", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2024:6497" }, { "name": "RHSA-2024:6499", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2024:6499" }, { "name": "RHSA-2024:6500", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2024:6500" }, { "name": "RHSA-2024:6501", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2024:6501" }, { "tags": [ "vdb-entry", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/security/cve/CVE-2024-4629" }, { "name": "RHBZ#2276761", "tags": [ "issue-tracking", "x_refsource_REDHAT" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2276761" } ], "timeline": [ { "lang": "en", "time": "2024-04-23T00:00:00+00:00", "value": "Reported to Red Hat." }, { "lang": "en", "time": "2024-09-03T19:38:00+00:00", "value": "Made public." } ], "title": "Keycloak: potential bypass of brute force protection", "workarounds": [ { "lang": "en", "value": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability." } ], "x_redhatCweChain": "CWE-837: Improper Enforcement of a Single, Unique Action" } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2024-4629", "datePublished": "2024-09-03T19:42:01.318Z", "dateReserved": "2024-05-07T20:47:03.184Z", "dateUpdated": "2025-01-28T09:33:25.316Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
No mitigation information available for this CWE.
No CAPEC attack patterns related to this CWE.