CVE-2024-31760

EUVD-2024-29633
An issue in sanluan flipped-aurora gin-vue-admin 2.4.x allows an attacker to escalate privileges via the Session Expiration component.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
4.7 MEDIUM
NETWORK
LOW
HIGH
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L
CISA-ADPADP
4.7 MEDIUM
NETWORK
LOW
HIGH
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L
Awaiting analysis
This vulnerability is currently awaiting analysis.
Base Score
CVSS 3.x
EPSS Score
Percentile: 14%
Common Weakness Enumeration
References
https://gist.github.com/menghaining/8d424faebfe869c80eadaea12bbdd158
https://github.com/flipped-aurora/gin-vue-admin/issues/1324
https://github.com/menghaining/PoC/blob/main/gin-vue-admin/gin-vue-admin--PoC.md
https://gist.github.com/menghaining/8d424faebfe869c80eadaea12bbdd158
https://github.com/flipped-aurora/gin-vue-admin/issues/1324
https://github.com/menghaining/PoC/blob/main/gin-vue-admin/gin-vue-admin--PoC.md