Description
Improper privilege management in Yugabyte Platform allows authenticated admin users to escalate privileges to SuperAdmin via a crafted PUT HTTP request, potentially leading to unauthorized access to sensitive system functions and data.
Published: 2024-07-19
Score: 6 Medium
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

No analysis available yet.

Remediation

No remediation available yet.

Tracking

Sign in to view the affected projects.

Advisories
Source ID Title
EUVD EUVD EUVD-2024-47897 Improper privilege management in Yugabyte Platform allows authenticated admin users to escalate privileges to SuperAdmin via a crafted PUT HTTP request, potentially leading to unauthorized access to sensitive system functions and data.
History

No history.

Subscriptions

No data.

cve-icon MITRE

Status: PUBLISHED

Assigner: Yugabyte

Published:

Updated: 2024-08-01T21:45:38.372Z

Reserved: 2024-07-18T21:27:07.259Z

Link: CVE-2024-6908

cve-icon Vulnrichment

Updated: 2024-08-01T21:45:38.372Z

cve-icon NVD

Status : Deferred

Published: 2024-07-19T15:15:10.747

Modified: 2026-06-17T08:18:57.507

Link: CVE-2024-6908

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.

Weaknesses
  • CWE-269

    Improper Privilege Management