CVE-2024-1682

Published Nov 14, 2024

Last updated 2 days ago

CVSS medium 4.3

Overview

Description
An unclaimed Amazon S3 bucket, 'codeconf', is referenced in an audio file link within the .rst documentation file. This bucket has been claimed by an external party. The use of this unclaimed S3 bucket could lead to data integrity issues, data leakage, availability problems, loss of trustworthiness, and potential further attacks if the bucket is used to host malicious content or as a pivot point for further attacks.
Source
security@huntr.dev
NVD status
Awaiting Analysis

Risk scores

CVSS 3.0

Type
Secondary
Base score
4.3
Impact score
1.4
Exploitability score
2.8
Vector string
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
Severity
MEDIUM

Weaknesses

security@huntr.dev
CWE-840

Social media

Hype score
Not currently trending

  1. CVE-2024-1682 An unclaimed Amazon S3 bucket, 'codeconf', is referenced in an audio file link within the .rst documentation file. This bucket has been claimed by an external party. Th… https://t.co/FFYXa065Ko

    @CVEnew

    14 Nov 2024

    247 Impressions

    0 Retweets

    0 Likes

    1 Bookmark

    0 Replies

    0 Quotes

References