CVE-2024-36611
CVSS 3.1 Score 7.5 of 10 (high)
Details
Published Nov 29, 2024
Updated: Dec 3, 2024
CWE ID 863
Summary
CVE-2024-36611: A false report alleged a vulnerability in Symfony v7.07's FormLoginAuthenticator component. The issue involved inadequate handling of empty username or password fields in login requests, potentially leading to security risks such as improper authentication logic or denial of service. However, the supplier has since determined that this report was not valid.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share