← Retour aux CVEs
CVE-2024-24554
HIGH8.2
Description
Bludit uses predictable methods in combination with the MD5 hashing algorithm to generate sensitive tokens such as the API token and the user token. This allows attackers to authenticate against the Bludit API.
Details CVE
Score CVSS v3.18.2
SeveriteHIGH
Vecteur CVSSCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N
Vecteur d'attaqueNETWORK
ComplexiteLOW
Privileges requisNONE
Interaction utilisateurNONE
Publie6/24/2024
Derniere modification1/2/2026
Sourcenvd
Observations honeypot0
Produits affectes
bludit:bludit
Faiblesses (CWE)
CWE-287CWE-338
References
https://www.redguard.ch/blog/2024/06/20/security-advisory-bludit/(vulnerability@ncsc.ch)
https://www.redguard.ch/blog/2024/06/20/security-advisory-bludit/(af854a3a-2127-422b-91ae-364da2661108)
Correlations IOC
Aucune correlation enregistree
This product uses data from the NVD API but is not endorsed or certified by the NVD.