CVE-2024-8042

CVSS V2 None CVSS V3 None
Description
Rapid7 Insight Platform versions between November 2019 and August 14, 2024 suffer from missing authorization issues whereby an attacker can intercept local requests to set the name and description of a new user group. This could potentially lead to an empty user group being added to the incorrect customer. This vulnerability is remediated as of August 14, 2024.
Overview
  • CVE ID
  • CVE-2024-8042
  • Assigner
  • rapid7
  • Vulnerability Status
  • PUBLISHED
  • Published Version
  • 2024-09-09T15:02:38.681Z
  • Last Modified Date
  • 2024-09-09T17:12:45.623Z
References
History
Created Old Value New Value Data Type Notes
2024-09-10 13:02:40 Added to TrackCVE