CVE-2024-50488

Authentication Bypass Using an Alternate Path or Channel (CWE-288)

Published: Oct 28, 2024 / Updated: 22d ago

010
CVSS 8.8EPSS 0.04%High
CVE info copied to clipboard

Authentication Bypass Using an Alternate Path or Channel vulnerability in Priyabrata Sarkar Token Login allows Authentication Bypass.This issue affects Token Login: from n/a through 1.0.3.

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Timeline

CVE Assignment

NVD published the first details for CVE-2024-50488

Oct 28, 2024 at 1:15 PM
First Article

Feedly found the first article mentioning CVE-2024-50488. See article

Oct 28, 2024 at 1:24 PM / National Vulnerability Database
CVSS Estimate

Feedly estimated the CVSS score as HIGH

Oct 28, 2024 at 1:24 PM
EPSS

EPSS Score was set to: 0.04% (Percentile: 9.9%)

Oct 29, 2024 at 9:43 AM
Static CVE Timeline Graph

Affected Systems

Priyabratasarkar/token_login
+null more

Links to Mitre Att&cks

T1083: File and Directory Discovery
+null more

Attack Patterns

CAPEC-127: Directory Indexing
+null more

CVSS V3.1

Attack Vector:Network
Attack Complexity:Low
Privileges Required:Low
User Interaction:None
Scope:Unchanged
Confidentiality:High
Integrity:High
Availability Impact:High

Categories

Be the first to know about critical vulnerabilities

Collect, analyze, and share vulnerability reports faster using AI