Critical severity · NVD Advisory · Published Jun 3, 2024 · Updated Feb 13, 2025
CVE-2024-36042
Description
Silverpeas before 6.3.5 allows authentication bypass by omitting the Password field to AuthenticationServlet, often providing an unauthenticated user with superadmin access.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
| org.silverpeas.core:silverpeas-core (Maven) | < 6.3.5 | 6.3.5 |
References (7)
- github.com/advisories/GHSA-4w54-wwc9-x62c (ghsa, ADVISORY)
- nvd.nist.gov/vuln/detail/CVE-2024-36042 (ghsa, ADVISORY)
- gist.github.com/ChrisPritchard/4b6d5c70d9329ef116266a6c238dcb2d (ghsa, WEB)
- github.com/Silverpeas/Silverpeas-Core/commit/11fb5e21c252ce4751b85fccf5b8076156e0b4f0 (ghsa, WEB)
- github.com/Silverpeas/Silverpeas-Core/tags (ghsa, WEB)
- silverpeas.org (ghsa, WEB)
- silverpeas.org (mitre)