CVE-2024-23344

CVSS 3.1 Score 6.5 of 10 (medium)

Details

Published Feb 6, 2024

Updated: Feb 15, 2024

CWE ID 200

Summary

CVE-2024-23344 is a vulnerability affecting Tuleap, an open-source software development and collaboration suite. This issue grants unauthorized access to restricted information during the process validation of user permissions, such as mail notifications. The vulnerability has been resolved in version 15.4.99.140 of the Tuleap Community Edition. Users are advised to update as soon as possible to mitigate this security risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Enalean Tuleap

Affected Vendors

Enalean

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/uJ4gv0
https://www.cve.org/CVERecord?id=CVE-2024-23344
https://nvd.nist.gov/vuln/detail/CVE-2024-23344

Back to Vulnerability Database