216.73.216.86

CVE-2024-4215

· Published 02/05/2024 18:15 · Modified 02/05/2024 18:15

Labels: CVE-2024-4215 2024-05-02CVE-2024-4215f86ef6dc-4d3a-42ad-8f28-e6d5547a5007

Essential information

Published
02/05/2024 18:15
Modified
02/05/2024 18:15
Author
Creator
CVSS
7.4 HIGH (v3.1)
CISA KEV
No
CWE
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L

CVSS metrics

Description

pgAdmin <= 8.5 is affected by a multi-factor authentication bypass vulnerability. This vulnerability allows an attacker with knowledge of a legitimate account’s username and password may authenticate to the application and perform sensitive actions within the application, such as managing files and executing SQL queries, regardless of the account’s MFA enrollment status.

NVD status

Status
Received — CVE has been recently published to the CVE List and has been received by the NVD.
Source
f86ef6dc-4d3a-42ad-8f28-e6d5547a5007
NVD
View on NVD

References