CVE-2024-50701

medium

Description

TeamPass before 3.1.3.1, when retrieving information about access rights for a folder, does not properly check whether a folder is in a user's allowed folders list that has been defined by an admin.

References

https://github.com/nilsteampassnet/TeamPass/compare/3.1.3...3.1.3.1

https://github.com/nilsteampassnet/TeamPass/compare/3.1.2...3.1.3.1

https://github.com/nilsteampassnet/TeamPass/commit/ddbb2d3d94085dced50c4936fd2215af88e4a88d

Details

Source: Mitre, NVD

Published: 2024-12-30

Updated: 2024-12-30

Risk Information

CVSS v2

Base Score: 4

Vector: CVSS2#AV:N/AC:L/Au:S/C:P/I:N/A:N

Severity: Medium

CVSS v3

Base Score: 4.3

Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N