CVE-2024-23639
CVSS 3.1 Score 7.8 of 10 (high)
Details
Published Feb 9, 2024
Updated: Feb 16, 2024
CWE ID 610
CWE ID 15
CWE ID 664
Summary
CVE-2024-23639 affects the Micronaut Framework, a modern Java development tool. Unsecured management endpoints in the framework are vulnerable to localhost attacks, allowing malicious websites to make unauthorized HTTP requests. This issue can have more significant impacts in development environments where such endpoints may be enabled carelessly. The attacks bypass CORS checks for certain requests, and the vulnerability has been patched in version 3.8.3. Developers are advised to upgrade as soon as possible to prevent potential security breaches.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share
Affected Products
- Objectcomputing Micronaut
Affected Vendors
- Object Computing Inc.
Advisories, Assessments, and Mitigations
Prioritize, Pinpoint, and Act to Prevent Vulnerability Exploits with Recorded Future
Note: This is just a basic overview providing quick insights into CVE-2024-23639 information. Gain full access to comprehensive CVE data, third party vulnerabilities, compromised credentials and more with Recorded Future
- Gain complete coverage of your cyber, third party, and physical attack surface
- Proactively mitigate threats before they turn into costly attacks
- Make fast, effective, data-driven decisions