CVE-2024-36611

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Nov 29, 2024
Updated: Dec 3, 2024
CWE ID 863

Summary

CVE-2024-36611: A false report alleged a vulnerability in Symfony v7.07's FormLoginAuthenticator component. The issue involved inadequate handling of empty username or password fields in login requests, potentially leading to security risks such as improper authentication logic or denial of service. However, the supplier has since determined that this report was not valid.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share