CVE-2024-24757

CVSS 3.1 Score 7.6 of 10 (high)

Details

Published Feb 2, 2024
Updated: Feb 10, 2024
CWE ID 200

Summary

CVE-2024-24757 is a cyber vulnerability that affects the open-irs issue response robot, which responds to issues in the installed repository. The vulnerability arises from the accidental upload of the .env file while working with git actions. This issue has been addressed in version 1.0.1 of open-irs, and to remediate it, it is recommended to discontinue all sensitive keys and turn them into secrets. The potential danger posed by this vulnerability to an organization is categorized as high severity, with a base score of 7.6 out of 10. It has a low impact on integrity and confidentiality but can have a significant impact on availability if exploited.

Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2024-24757 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options