Zurück zur CVE-Übersicht
CVE-2024-22047
LOW(3.1)CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N
Risk Signal Score8/100 — NIEDRIG
EPSS-Score
0%
Exploit-Wahrscheinlichkeit (30 Tage)
CVSS Score
3.1
Technische Schwere
Beschreibung
A race condition exists in Audited 4.0.0 to 5.3.3 that can result in an authenticated user to cause audit log entries to be attributed to another user.
Referenzen
- https://github.com/advisories/GHSA-hjp3-5g2q-7jww
- https://github.com/collectiveidea/audited/issues/601
- https://github.com/collectiveidea/audited/pull/669
- https://github.com/collectiveidea/audited/pull/671
- https://github.com/collectiveidea/audited/security/advisories/GHSA-hjp3-5g2q-7jw...
- https://vulncheck.com/advisories/vc-advisory-GHSA-hjp3-5g2q-7jww
- https://github.com/advisories/GHSA-hjp3-5g2q-7jww
- https://github.com/collectiveidea/audited/issues/601
- https://github.com/collectiveidea/audited/pull/669
- https://github.com/collectiveidea/audited/pull/671