Description
Improper privilege management in Yugabyte Platform allows authenticated admin users to escalate privileges to SuperAdmin via a crafted PUT HTTP request, potentially leading to unauthorized access to sensitive system functions and data.
Published: 2024-07-19
Score: 6 Medium
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a

Remediation

No vendor fix or workaround currently provided.

Advisories
Source | ID | Title
EUVD | EUVD-2024-47897 | Improper privilege management in Yugabyte Platform allows authenticated admin users to escalate privileges to SuperAdmin via a crafted PUT HTTP request, potentially leading to unauthorized access to sensitive system functions and data.
History

No history.

MITRE

Status: PUBLISHED

Assigner: Yugabyte

Published:

Updated: 2024-08-01T21:45:38.372Z

Reserved: 2024-07-18T21:27:07.259Z

Link: CVE-2024-6908

Vulnrichment

Updated: 2024-08-01T21:45:38.372Z

NVD

Status: Deferred

Published: 2024-07-19T15:15:10.747

Modified: 2026-06-17T08:18:57.507

Link: CVE-2024-6908

Redhat

No data.

OpenCVE Enrichment

No data.

Weaknesses