CVE-2024-24768

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Feb 5, 2024

Updated: Feb 13, 2024

CWE ID 311

CWE ID 315

Summary

CVE-2024-24768 is a vulnerability affecting the 1Panel open source Linux server management software. The issue lies in the HTTPS cookie, which lacks the "Secure" attribute. Consequently, this cookie can be transmitted in plain text when HTTP is used, potentially exposing sensitive information. Users are advised to upgrade to version 1.9.6 to mitigate this vulnerability.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/uVGzaJ
https://www.cve.org/CVERecord?id=CVE-2024-24768
https://nvd.nist.gov/vuln/detail/CVE-2024-24768

Back to Vulnerability Database

CVE-2024-24768

CVSS 3.1 Score 7.5 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations