How severe is CVE-2024-45050?

This vulnerability has a severity rating of HIGH with a CVSS score of 7.1 out of 10.

What type of vulnerability is CVE-2024-45050?

This is classified as CWE-862, which is a common weakness in software security.

CVE-2024-45050 - HIGH Severity | CVSS 7.1

Vulnerability Description

Ringer server is the server code for the Ringer messaging app. Prior to version 1.3.1, there is an issue with the messages loading route where Ringer Server does not check to ensure that the user loading the conversation is actually a member of that conversation. This allows any user with a Lif Account to load any conversation between two users without permission. This issue had been patched in version 1.3.1. There is no action required for users. Lif Platforms will update their servers with the patch.

Related Vulnerabilities

CVE-2018-14985

HIGH

CVSS:7.1(High)

The Leagoo Z5C Android device with a build fingerprint of sp7731c_1h10_32v4_bird:6.0/MRA58K/android.20170629.214736:user/release-keys contains a pre-installed platform app with a package name of com.a...

CWE-8622018

CVE-2018-15005

HIGH

CVSS:7.1(High)

The ZTE ZMAX Champ Android device with a build fingerprint of ZTE/Z917VL/fortune:6.0.1/MMB29M/20170327.120922:user/release-keys contains a pre-installed platform app with a package name of com.zte.zdm...

CWE-8622018

CVE-2018-17490

HIGH

CVSS:7.1(High)

EasyLobby Solo is vulnerable to a denial of service. By visiting the kiosk and accessing the task manager, a local attacker could exploit this vulnerability to kill the process or launch new processes...

CWE-8622018

CVE-2019-14822

HIGH

CVSS:7.1(High)

A flaw was discovered in ibus in versions before 1.5.22 that allows any unprivileged user to monitor and send method calls to the ibus bus of another user due to a misconfiguration in the DBus server ...

CWE-8622019

CVE-2020-13425

HIGH

CVSS:7.1(High)

TrackR devices through 2020-05-06 allow attackers to trigger the Beep (aka alarm) feature, which will eventually cause a denial of service when battery capacity is exhausted.

CWE-8622020

CVE-2020-36720

HIGH

CVSS:7.1(High)

The Kali Forms plugin for WordPress is vulnerable to Authenticated Options Change in versions up to, and including, 2.1.1. This is due to the update_option lacking proper authentication checks. This m...

CWE-8622020