CVE-2024-49587

Published: Dic 19, 2025 Last Modified: Dic 19, 2025

ExploitDB:

Other exploit source:

Google Dorks:

CRITICAL 9,1

Source: [email protected]

Attack Vector: network

Attack Complexity: low

Privileges Required: none

User Interaction: none

Scope: unchanged

Confidentiality: high

Integrity: high

Availability: none

Description

AI Translation Available

Glutton V1 service endpoints were exposed without any authentication on Gotham stacks, this could have allowed users that did not have any permission to hit glutton backend directly and read/update/delete data. The affected service has been patched and automatically deployed to all Apollo-managed Gotham Instances

EPSS (Exploit Prediction Scoring System)

Trend Analysis

EPSS (Exploit Prediction Scoring System)

Prevede la probabilità di sfruttamento basata su intelligence sulle minacce e sulle caratteristiche della vulnerabilità.

EPSS Score

0,0005

Percentile

0,1th

Updated

EPSS Score Trend (Last 89 Days)

305

Authentication Bypass by Primary Weakness

Draft

Abstraction: Base Structure: Simple

Common Consequences

Security Scopes Affected:

Access Control

Potential Impacts:

Bypass Protection Mechanism

Applicable Platforms

All platforms may be affected

View CWE Details

https://palantir.safebase.us/?tcuUid=95e2d805-dd2f-4544-b16…

https://palantir.safebase.us/?tcuUid=95e2d805-dd2f-4544-b164-e61100f47b11

CVE-2024-49587

Description

EPSS (Exploit Prediction Scoring System)

EPSS (Exploit Prediction Scoring System)

EPSS Score Trend (Last 89 Days)

Authentication Bypass by Primary Weakness

Common Consequences

Applicable Platforms

Iscriviti alla newsletter