CVE-2024-28197 | Zitadel up to 2.44.2/2.45.0 Cookie privileges management (GHSA-mq4x-r2w3-j7mr)

Inserito da Angelo Barbosa | Mar 12, 2024 | CVE

A vulnerability was found in Zitadel up to 2.44.2/2.45.0. It has been classified as critical. This affects an unknown part of the component Cookie Handler. The manipulation leads to improper privilege management.

This vulnerability is uniquely identified as CVE-2024-28197. The attack can only be done within the local network. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-28197 | Zitadel up to 2.44.2/2.45.0 Cookie privileges management (GHSA-mq4x-r2w3-j7mr)

Post correlati

CVE-2023-31356 | AMD EPYC 7003 Processors/EPYC 9004 Processors SEV Firmware memory corruption

CVE-2024-4516 | Campcodes Complete Web-Based School Management 1.0 /view/timetable.php grade cross site scripting

CVE-2024-10976 | PostgreSQL up to 17.0 improper preservation of consistency between independent representations of shared state

CVE-2021-34970 | Foxit PDF Reader 11.0.1.49938 print format string (ZDI-21-1201)