CVE-2024-24554

EUVD-2024-21972
Bludit uses predictable methods in combination with the MD5 hashing algorithm to generate sensitive tokens such as the API token and the user token. This allows attackers to authenticate against the Bludit API.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
8.2 HIGH
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 30%
Affected Products (NVD)
VendorProductVersion
bluditbludit
3.14.0 ≤
𝑥
≤ 3.15.0
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://www.redguard.ch/blog/2024/06/20/security-advisory-bludit/
https://www.redguard.ch/blog/2024/06/20/security-advisory-bludit/