CVE-2024-5166

CVSS 3.1 Score 6.5 of 10 (medium)

Details

Published May 22, 2024

CWE ID 639

Summary

CVE-2024-5166 is a vulnerability affecting Google Cloud's Looker platform. This issue involves an Insecure Direct Object Reference, which exposes metadata across authenticated users who share the same LookML model. As a result, sensitive information could be accessed by unintended users, potentially leading to data leaks. Google has addressed this vulnerability, and users are encouraged to update their Looker installations to the latest version to mitigate the risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/wCqNLL
https://www.cve.org/CVERecord?id=CVE-2024-5166
https://nvd.nist.gov/vuln/detail/CVE-2024-5166

Back to Vulnerability Database

CVE-2024-5166

CVSS 3.1 Score 6.5 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations