A vulnerability was found in Zitadel up to 2.44.2/2.45.0. It has been classified as critical. This affects an unknown part of the component Cookie Handler. The manipulation leads to improper privilege management.

This vulnerability is uniquely identified as CVE-2024-28197. The attack can only be done within the local network. There is no exploit available.

It is recommended to upgrade the affected component.