CVE-2024-8462

CVSS 3.1 Score 3.7 of 10 (low)

Details

Published Sep 5, 2024
CWE ID 307

Summary

CVE-2024-8462 is a vulnerability identified in Windmill version 1.380.0, specifically in the HTTP Request Handler component, which allows for improper restriction of excessive authentication attempts. This vulnerability can be exploited remotely and has a high attack complexity, making it difficult to execute. The potential danger includes unauthorized access attempts that could compromise system integrity; however, it has been rated with a low base severity score of 3.7 and low confidentiality impact. To remediate this issue, organizations are advised to upgrade to version 1.390.1, which includes the necessary patch (acfe7786152f036f2476f93ab5536571514fa9e3). The vulnerability poses a low risk, but timely updates are essential to maintain secure operations.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share