CVE-2024-24554

Bludit uses predictable methods in combination with the MD5 hashing algorithm to generate sensitive tokens such as the API token and the user token. This allows attackers to authenticate against the Bludit API.
CVSS

No CVSS.

Configurations

No configuration.

History

24 Jun 2024, 12:57

Type Values Removed Values Added
Summary
  • (es) Bludit utiliza métodos predecibles en combinación con el algoritmo hash MD5 para generar tokens confidenciales, como el token API y el token de usuario. Esto permite a los atacantes autenticarse en la API de Bludit.

24 Jun 2024, 08:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-06-24 08:15

Updated : 2024-06-24 12:57


NVD link : CVE-2024-24554

Mitre link : CVE-2024-24554

CVE.ORG link : CVE-2024-24554


JSON object : View

Products Affected

No product.

CWE
CWE-287

Improper Authentication

CWE-338

Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)