Overview
- Description
- A vulnerability was found in Apereo CAS 6.6 and classified as problematic. Affected by this issue is some unknown functionality of the file /login?service. The manipulation leads to session expiration. The attack may be launched remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
- Source
- cna@vuldb.com
- NVD status
- Awaiting Analysis
Risk scores
CVSS 4.0
- Type
- Secondary
- Base score
- 6.3
- Impact score
- -
- Exploitability score
- -
- Vector string
- CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
- Severity
- MEDIUM
CVSS 3.1
- Type
- Secondary
- Base score
- 3.7
- Impact score
- 1.4
- Exploitability score
- 2.2
- Vector string
- CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
- Severity
- LOW
CVSS 2.0
- Type
- Secondary
- Base score
- 2.6
- Impact score
- 2.9
- Exploitability score
- 4.9
- Vector string
- AV:N/AC:H/Au:N/C:P/I:N/A:N
Weaknesses
- cna@vuldb.com
- CWE-613
Social media
Hype score is a measure of social media activity compared against trending CVEs from the past 12 months. Max score 100.
- Hype score
1
🚨 CVE-2024-11208 (Published: 2024-11-14) - A high-severity vulnerability in Apereo affects multiple versions. Users are urged to update to the latest release to mitigate risks. For more details, check the advisory: https://t.co/cwe0sHP1WI. Stay secure! 🔒 #CyberSecurity… https:/
@transilienceai
17 Nov 2024
3 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 CVE-2024-11208 (Published: 2024-11-14) - A high-severity vulnerability in Apereo affects multiple versions. Users are urged to update to the latest release to mitigate risks. For more details, check the advisory: https://t.co/cwe0sHP1WI. Stay secure! #CyberSecurity… https://t.
@transilienceai
17 Nov 2024
10 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 CVE-2024-11208 (Published: 2024-11-14) - High severity vulnerability in Apereo. Affects specific versions; ensure your systems are updated! Remediation steps include applying the latest patches and reviewing security configurations. Stay secure! 🔒 More info:… https://t.co/goO
@transilienceai
17 Nov 2024
8 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 CVE-2024-11208 (Published: 2024-11-14) - High severity vulnerability in Apereo. Affects specific versions. Ensure your systems are updated to the latest release to mitigate risks. For more details, check the link: https://t.co/cwe0sHP1WI #CyberSecurity #VulnerabilityManagement
@transilienceai
17 Nov 2024
2 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2024-11208 Session Expiration Vulnerability in Apereo CAS 6.6 Login Service There's a problem in Apereo CAS 6.6. It's in the file /login?service. This issue causes sessions to expire. The attack comes from af... https://t.co/1ZkvQcUsBl
@VulmonFeeds
14 Nov 2024
43 Impressions
1 Retweet
1 Like
1 Bookmark
0 Replies
0 Quotes
CVE-2024-11208 A vulnerability was found in Apereo CAS 6.6 and classified as problematic. Affected by this issue is some unknown functionality of the file /login?service. The manipu… https://t.co/Kfsm5QugIL
@CVEnew
14 Nov 2024
97 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes