How severe is CVE-2024-24773?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 6.5 out of 10.

What type of vulnerability is CVE-2024-24773?

This is classified as CWE-863, which is a common weakness in software security.

CVE-2024-24773

MEDIUM Year: 2024

CVSS v3 Score

6.5

Medium

Weakness Type

CWE-863

View all →

Vulnerability Description

Improper parsing of nested SQL statements on SQLLab would allow authenticated users to surpass their data authorization scope. This issue affects Apache Superset: before 3.0.4, from 3.1.0 before 3.1.1. Users are recommended to upgrade to version 3.1.1, which fixes the issue.

CVE-2009-2213

MEDIUM

CVSS:6.5(Medium)

The default configuration of the Security global settings on the Citrix NetScaler Access Gateway appliance with Enterprise Edition firmware 9.0, 8.1, and earlier specifies Allow for the Default Author...

CWE-8632009

CVE-2011-3617

MEDIUM

CVSS:6.5(Medium)

Tahoe-LAFS v1.3.0 through v1.8.2 could allow unauthorized users to delete immutable files in some cases.

CWE-8632011

CVE-2014-0169

MEDIUM

CVSS:6.5(Medium)

In JBoss EAP 6 a security domain is configured to use a cache that is shared between all applications that are in the security domain. This could allow an authenticated user in one application to acce...

CWE-8632014

CVE-2015-1780

MEDIUM

CVSS:6.5(Medium)

oVirt users with MANIPULATE_STORAGE_DOMAIN permissions can attach a storage domain to any data-center

CWE-8632015

CVE-2016-3131

MEDIUM

CVSS:6.5(Medium)

Cloudera CDH before 5.6.1 allows authorization bypass via direct internal API calls.

CWE-8632016

CVE-2016-6353

MEDIUM

CVSS:6.5(Medium)

Cloudera Search in CDH before 5.7.0 allows unauthorized document access because Solr Queries by document id can bypass Sentry document-level security via the RealTimeGetHandler.

CWE-8632016

CVE-2024-24773

Vulnerability Description

Related Vulnerabilities

CVE-2009-2213

CVE-2011-3617

CVE-2014-0169

CVE-2015-1780

CVE-2016-3131

CVE-2016-6353