CVE-2024-8181

CVSS 3.1 Score 7.3 of 10 (high)

Details

Published Aug 27, 2024
Updated: Aug 30, 2024
CWE ID 287

Summary

CVE-2024-8181 is an Authentication Bypass vulnerability identified in Flowise version 1.8.2, which allows remote, unauthenticated attackers to access API endpoints as administrators, potentially compromising restricted functionalities. This vulnerability has a high base severity score of 7.3 and affects the integrity and confidentiality of data, with a low complexity for exploitation. To remediate this issue, organizations should update Flowise to a patched version that addresses this flaw. The potential danger includes unauthorized access to sensitive data and administrative functions, which could lead to significant security breaches within an organization. For more information on the vulnerability, refer to Tenable's advisory at their website.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share