CVE-2024-50477

Authentication Bypass Using an Alternate Path or Channel (CWE-288)

Published: Oct 28, 2024 / Updated: 22d ago

010
CVSS 9.8EPSS 0.04%Critical
CVE info copied to clipboard

Authentication Bypass Using an Alternate Path or Channel vulnerability in Stacks Stacks Mobile App Builder stacks-mobile-app-builder allows Authentication Bypass.This issue affects Stacks Mobile App Builder: from n/a through 5.2.3.

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Timeline

CVE Assignment

NVD published the first details for CVE-2024-50477

Oct 28, 2024 at 12:15 PM
First Article

Feedly found the first article mentioning CVE-2024-50477. See article

Oct 28, 2024 at 12:21 PM / Vulners.com RSS Feed
CVSS Estimate

Feedly estimated the CVSS score as HIGH

Oct 28, 2024 at 12:21 PM
EPSS

EPSS Score was set to: 0.04% (Percentile: 9.9%)

Oct 29, 2024 at 9:43 AM
Static CVE Timeline Graph

Affected Systems

Stacksmarket/stacks_mobile_app_builder
+null more

Links to Mitre Att&cks

T1083: File and Directory Discovery
+null more

Attack Patterns

CAPEC-127: Directory Indexing
+null more

CVSS V3.1

Attack Vector:Network
Attack Complexity:Low
Privileges Required:None
User Interaction:None
Scope:Unchanged
Confidentiality:High
Integrity:High
Availability Impact:High

Categories

Be the first to know about critical vulnerabilities

Collect, analyze, and share vulnerability reports faster using AI