CVE-2024-24590

CVSS 3.1 Score 8.0 of 10 (high)

Details

Published Feb 6, 2024
Updated: Feb 15, 2024
CWE ID 502

Summary

CVE-2024-24590 is a vulnerability in versions 0.17.0 to 1.14.2 of Allegro AI's ClearML platform's client SDK, which allows the deserialization of untrusted data. This vulnerability can be exploited by an attacker who uploads a malicious artifact, enabling them to execute arbitrary code on a user's system when interacted with. The affected products include umfRWe, umfRWc, umfRWd, and umfRWb. The risk score for this vulnerability is 66, indicating a high severity level with the potential for significant impact on confidentiality and integrity of the system.

Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2024-24590 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options