← Back to CVEs
CVE-2024-24554
HIGH8.2
Description
Bludit uses predictable methods in combination with the MD5 hashing algorithm to generate sensitive tokens such as the API token and the user token. This allows attackers to authenticate against the Bludit API.
CVE Details
CVSS v3.1 Score8.2
SeverityHIGH
CVSS VectorCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N
Attack VectorNETWORK
ComplexityLOW
Privileges RequiredNONE
User InteractionNONE
Published6/24/2024
Last Modified1/2/2026
Sourcenvd
Honeypot Sightings0
Affected Products
bludit:bludit
Weaknesses (CWE)
CWE-287CWE-338
References
https://www.redguard.ch/blog/2024/06/20/security-advisory-bludit/(vulnerability@ncsc.ch)
https://www.redguard.ch/blog/2024/06/20/security-advisory-bludit/(af854a3a-2127-422b-91ae-364da2661108)
IOC Correlations
No correlations recorded
This product uses data from the NVD API but is not endorsed or certified by the NVD.