CVE-2024-12225

CRITICAL Year: 2024
CVSS v3 Score
9.1
Critical
Weakness Type
CWE-288
View all →

Vulnerability Description

A vulnerability was found in Quarkus in the quarkus-security-webauthn module. The Quarkus WebAuthn module publishes default REST endpoints for registering and logging users in while allowing developers to provide custom REST endpoints. When developers provide custom REST endpoints, the default endpoints remain accessible, potentially allowing attackers to obtain a login cookie that has no corresponding user in the Quarkus application or, depending on how the application is written, could correspond to an existing user that has no relation with the current attacker, allowing anyone to log in as an existing user by just knowing that user's user name.

Related Vulnerabilities

CVE-2021-41292

CRITICAL
CVSS:9.1(Critical)

ECOA BAS controller suffers from an authentication bypass vulnerability. An unauthenticated attacker through cookie poisoning can remotely bypass authentication and disclose sensitive information and ...

CWE-2882021

CVE-2022-34372

CRITICAL
CVSS:9.1(Critical)

Dell PowerProtect Cyber Recovery versions before 19.11.0.2 contain an authentication bypass vulnerability. A remote unauthenticated attacker may potentially access and interact with the docker registr...

CWE-2882022

CVE-2023-20269

CRITICAL
CVSS:9.1(Critical)

A vulnerability in the remote access VPN feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker t...

CWE-2882023

CVE-2023-34335

CRITICAL
CVSS:9.1(Critical)

AMI BMC contains a vulnerability in the IPMI handler, where an unauthenticated host is allowed to write to a host SPI flash, bypassing secure boot protections. An exploitation of this vulnerability ma...

CWE-2882023

CVE-2023-41256

CRITICAL
CVSS:9.1(Critical)

Dover Fueling Solutions MAGLINK LX Web Console Configuration versions 2.5.1, 2.5.2, 2.5.3, 2.6.1, 2.11, 3.0, 3.2, and 3.3 are vulnerable to authentication bypass that could allow an unauthorized attac...

CWE-2882023

CVE-2024-33610

CRITICAL
CVSS:9.1(Critical)

"sessionlist.html" and "sys_trayentryreboot.html" are accessible with no authentication. "sessionlist.html" provides logged-in users' session information including session cookies, and "sys_trayentryr...

CWE-2882024