CVE-2024-53351

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Mar 21, 2025

Updated: Apr 1, 2025

CWE ID 276

Summary

CVE-2024-53351 is a recently disclosed vulnerability affecting pipecd version 0.49. This issue arises from insecure permissions, which enable attackers to unauthorizedly obtain the service account's token. Gaining access to this token grants attackers the ability to escalate their privileges, potentially leading to significant security implications. As a result, it is crucial for organizations using pipecd v0.49 to apply the necessary patches or updates to mitigate this vulnerability.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Linux Foundation

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/0uWRD-
https://www.cve.org/CVERecord?id=CVE-2024-53351
https://nvd.nist.gov/vuln/detail/CVE-2024-53351

Back to Vulnerability Database

Platform Features

Products

Use Cases

Teams

Industries

Services

Measuring the US-China AI Gap

TerraStealerV2 and TerraLogger: Golden Chickens' New Malware Families Discovered

Uncovering MintsLoader With Recorded Future Malware Intelligence Hunting

Know What Matters

For Customers

For Partners

CVE-2024-53351

CVSS 3.1 Score 9.8 of 10 (high)

Details

Summary

Affected Vendors

Advisories, Assessments, and Mitigations