CVE-2024-6908
EUVD-2024-4789719.07.2024, 15:15
Improper privilege management in Yugabyte Platform allows authenticated admin users to escalate privileges to SuperAdmin via a crafted PUT HTTP request, potentially leading to unauthorized access to sensitive system functions and data.Enginsight
Early Detection
Affected products identified ahead of NVD analysis through intelligence sources.
| Vendor | Product | Version | Source |
|---|---|---|---|
| yugabytedb | yugabytedb_anywhere | 2.14.0.0 ≤ 𝑥 ≤ 2.14.17.0 | ADP |
| yugabytedb | yugabytedb_anywhere | 2.16.0.0 ≤ 𝑥 ≤ 2.16.9.0 | ADP |
| yugabytedb | yugabytedb_anywhere | 2.18.0.0 ≤ 𝑥 < 2.18.7.0 | ADP |
| yugabytedb | yugabytedb_anywhere | 2.20.0.0 ≤ 𝑥 < 2.20.3.0 | ADP |
Common Weakness Enumeration
References