๐Ÿ” CVE Alert

CVE-2024-50703

MEDIUM 5.4
CVSS Score
5.4
EPSS Score
0.0%
EPSS Percentile
0th

TeamPass before 3.1.3.1 does not properly prevent a user from acting with the privileges of a different user_id.

CWE CWE-472
Vendor teampass
Product teampass
Published Dec 30, 2024
Last Updated Dec 30, 2024
Stay Ahead of the Next One

Get instant alerts for teampass teampass

Be the first to know when new medium vulnerabilities affecting teampass teampass are published โ€” delivered to Slack, Telegram or Discord.

Get Free Alerts โ†’ Free ยท No credit card ยท 60 sec setup

CVSS v3 Breakdown

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability

Affected Versions

TeamPass / TeamPass
0 < 3.1.3.1

References

NVD โ†— CVE.org โ†— EPSS Data โ†—
github.com: https://github.com/nilsteampassnet/TeamPass/compare/3.1.3...3.1.3.1 github.com: https://github.com/nilsteampassnet/TeamPass/compare/3.1.2...3.1.3.1 github.com: https://github.com/nilsteampassnet/TeamPass/commit/c7f7f809071eaa9e04505ee79cec7049a42959e9