CVE-2024-25128

CRITICAL Year: 2024
CVSS v3 Score
9.1
Critical
Weakness Type
CWE-287
View all →

Vulnerability Description

Flask-AppBuilder is an application development framework, built on top of Flask. When Flask-AppBuilder is set to AUTH_TYPE AUTH_OID, it allows an attacker to forge an HTTP request, that could deceive the backend into using any requested OpenID service. This vulnerability could grant an attacker unauthorised privilege access if a custom OpenID service is deployed by the attacker and accessible by the backend. This vulnerability is only exploitable when the application is using the OpenID 2.0 authorization protocol. Upgrade to Flask-AppBuilder 4.3.11 to fix the vulnerability.

Related Vulnerabilities

CVE-2007-1966

CRITICAL
CVSS:9.1(Critical)

Session fixation vulnerability in eXV2 CMS 2.0.4.3 and earlier allows remote attackers to hijack web sessions by setting the PHPSESSID cookie.

CWE-2872007

CVE-2008-3738

CRITICAL
CVSS:9.1(Critical)

Session fixation vulnerability in SpaceTag LacoodaST 2.1.3 and earlier allows remote attackers to hijack web sessions via unspecified vectors.

CWE-2872008

CVE-2013-4454

CRITICAL
CVSS:9.1(Critical)

WordPress Portable phpMyAdmin Plugin 1.4.1 has Multiple Security Bypass Vulnerabilities

CWE-2872013

CVE-2013-4462

CRITICAL
CVSS:9.1(Critical)

WordPress Portable phpMyAdmin Plugin has an authentication bypass vulnerability

CWE-2872013

CVE-2014-4198

CRITICAL
CVSS:9.1(Critical)

A Two-Factor Authentication Bypass Vulnerability exists in BS-Client Private Client 2.4 and 2.5 via an XML request that neglects the use of ADPswID and AD parameters, which could let a malicious user ...

CWE-2872014

CVE-2016-4432

CRITICAL
CVSS:9.1(Critical)

The AMQP 0-8, 0-9, 0-91, and 0-10 connection handling in Apache Qpid Java before 6.0.3 might allow remote attackers to bypass authentication and consequently perform actions via vectors related to con...

CWE-2872016