CVE-2024-28197 | Zitadel up to 2.44.2/2.45.0 Cookie privileges management (GHSA-mq4x-r2w3-j7mr)

Inserito da Angelo Barbosa | Mar 12, 2024 | CVE

A vulnerability was found in Zitadel up to 2.44.2/2.45.0. It has been classified as critical. This affects an unknown part of the component Cookie Handler. The manipulation leads to improper privilege management.

This vulnerability is uniquely identified as CVE-2024-28197. The attack can only be done within the local network. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-28197 | Zitadel up to 2.44.2/2.45.0 Cookie privileges management (GHSA-mq4x-r2w3-j7mr)

Post correlati

CVE-2024-26145 | Discourse discourse-calendar Private Event authorization

CVE-2024-21099 | Oracle Business Intelligence Enterprise Edition 7.0.0.0.0 Data Visualization information disclosure

CVE-2024-42758 | indexmenu Plugin 2024-01-05 on Dokuwiki cross site scripting

CVE-2024-46938 | Sitecore Experience Platform up to 10.4 information disclosure (KB1003408)