aimeos/ai-admin-graphql is the Aimeos GraphQL API admin interface. Starting in version 2022.04.01 and prior to versions 2022.10.10, 2023.10.6, and 2024.04.6, an improper access control vulnerability allows an editor to modify and take over an admin account in the back end. Versions 2022.10.10, 2023.10.6, and 2024.04.6 fix this issue.
References
Configurations
No configuration.
History
21 Nov 2024, 09:27
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
|
References | () https://github.com/aimeos/ai-admin-graphql/commit/2d89d98cdcad880a9244b50736b08c1a171379ca - | |
References | () https://github.com/aimeos/ai-admin-graphql/commit/54d6b7cf4530cb3b95f52775c24056c48e6d26e9 - | |
References | () https://github.com/aimeos/ai-admin-graphql/commit/787028de0a3ecbf3e9f63ab1454eac99ce7693a9 - | |
References | () https://github.com/aimeos/ai-admin-graphql/security/advisories/GHSA-vc7j-99jw-jrqm - |
02 Jul 2024, 16:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-07-02 16:15
Updated : 2024-11-21 09:27
NVD link : CVE-2024-39323
Mitre link : CVE-2024-39323
CVE.ORG link : CVE-2024-39323
JSON object : View
Products Affected
No product.