← Volver a CVEs
CVE-2024-24554
HIGH8.2
Descripcion
Bludit uses predictable methods in combination with the MD5 hashing algorithm to generate sensitive tokens such as the API token and the user token. This allows attackers to authenticate against the Bludit API.
Detalles CVE
Puntuacion CVSS v3.18.2
SeveridadHIGH
Vector CVSSCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N
Vector de ataqueNETWORK
ComplejidadLOW
Privilegios requeridosNONE
Interaccion usuarioNONE
Publicado6/24/2024
Ultima modificacion1/2/2026
Fuentenvd
Avistamientos honeypot0
Productos afectados
bludit:bludit
Debilidades (CWE)
CWE-287CWE-338
Referencias
https://www.redguard.ch/blog/2024/06/20/security-advisory-bludit/(vulnerability@ncsc.ch)
https://www.redguard.ch/blog/2024/06/20/security-advisory-bludit/(af854a3a-2127-422b-91ae-364da2661108)
Correlaciones IOC
Sin correlaciones registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.