MidnightBSD

Advisories for collectiveidea

CVE-2024-22047

A race condition exists in Audited 4.0.0 to 5.3.3 that can result in an authenticated user to cause audit log entries to be attributed to another user.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 3.1 LOW CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N 1.6 1.4
disclosure@vulncheck.com 3.1 LOW CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N 1.6 1.4

Products Affected

Vendor Product Version
collectiveidea audited *