How severe is CVE-2024-24595?

CVE-2024-24595 has a CVSS v3 score of 6 (MEDIUM).

CVE-2024-24595

Name: clearml
Author: clear

6.0MEDIUM

Allegro AI’s open-source version of ClearML stores passwords in plaintext within the MongoDB instance, resulting in a compromised server leaking all user emails and passwords.

Опубликовано: 2/5/2024Обновлено: 11/21/2024

Описание

Allegro AI’s open-source version of ClearML stores passwords in plaintext within the MongoDB instance, resulting in a compromised server leaking all user emails and passwords.

ИИ-АнализНа базе ИИ

Затронутые продукты

clearclearml

Ссылки

https://hiddenlayer.com/research/not-so-clear-how-mlops-solutions-can-muddy-the-waters-of-your-supply-chain/
Third Party Advisory
https://hiddenlayer.com/research/not-so-clear-how-mlops-solutions-can-muddy-the-waters-of-your-supply-chain/
Third Party Advisory