Products
Bludit
Source
vulnerability@ncsc.ch
Tags
CVE-2024-24554 details
Published : June 24, 2024, 8:15 a.m.
Last Modified : June 24, 2024, 12:57 p.m.
Last Modified : June 24, 2024, 12:57 p.m.
Description
Bludit uses predictable methods in combination with the MD5 hashing algorithm to generate sensitive tokens such as the API token and the user token. This allows attackers to authenticate against the Bludit API.
CVSS Score
| 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 |
|---|
Weakness
| Weakness | Name | Description |
|---|---|---|
| CWE-287 | Improper Authentication | When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct. |
References
| URL | Source |
|---|---|
| https://www.redguard.ch/blog/2024/06/20/security-advisory-bludit/ | vulnerability@ncsc.ch |
This website uses the NVD API, but is not approved or certified by it.