CVE-2024-45340

CVSS 3.1 Score 8.8 of 10 (high)

Details

Published Jan 28, 2025

Summary

CVE-2024-45340 is a vulnerability affecting the GOAUTH feature in an unspecified software. It allows a malicious server to access unauthorized credentials, as the segmentation of credentials based on domains was not properly implemented. By default, this issue only influences credentials saved in the user's .netrc file. This vulnerability could potentially lead to unauthorized access to sensitive information. Users are advised to take appropriate measures, such as restricting access to their .netrc file or implementing stronger authentication methods, to mitigate the risk of this issue.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/yH1Q-E
https://www.cve.org/CVERecord?id=CVE-2024-45340
https://nvd.nist.gov/vuln/detail/CVE-2024-45340

Back to Vulnerability Database

CVE-2024-45340

CVSS 3.1 Score 8.8 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations