CVE-2024-57439
CVSS 3.1 Score 4.9 of 10 (medium)
Details
Published Jan 29, 2025
CWE ID 281
Summary
CVE-2024-57439 is a vulnerability affecting ruoyi v4.8.0 that allows attackers with administrative privileges to cause a Denial of Service (DoS) by manipulating the reset password interface. By duplicating a login name, attackers can trigger an overflow condition, resulting in the interface becoming unresponsive and inaccessible to legitimate users. This issue poses a significant risk to system availability and should be addressed promptly through an update or patch.