CVE-2024-24771

Summary

CVE-2024-24771 is a vulnerability found in Open Forms, a software that allows users to create and publish smart forms. The affected versions are prior to 2.2.9, 2.3.7, 2.4.5, and 2.5.2. The vulnerability involves a non-exploitable weakness in multi-factor authentication (MFA). If superusers' credentials are compromised, the second-factor authentication could potentially be bypassed if an attacker manages to authenticate to Open Forms. Although the maintainers of Open Forms believe this login is not possible, if successful, the attacker could abuse the victim's account to view sensitive submission data or impersonate other staff accounts for unauthorized access or modification of data. To mitigate exploitation, three factors help prevent it: the main login page does not fully log in until the second factor is provided; a misconfigured additional login page cannot be used; and there are no other known ways of bypassing MFA on Open Forms. Affected Products: urPus1, urPus0, urPus3, urPus2, urPusx, urPusw, urPusz, urPusy, urPus9, urPus8, urPus_, urPus-, and many more. Remediation steps: Update Open Forms to version 2.2.9 if using versions prior to it. Potential Danger: The vulnerability poses a medium risk with a base score of 5.9 out of 10 according to NVD analysis. It requires high privileges and can only be exploited over the network with no user interaction required. The impact on integrity and confidentiality is high but availability is not impacted directly by this vulnerability according to the CVSS vector string (CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N).

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.