CVE-2024-52528

Vulnerability Description

Budget Control Gateway acts as an entry point for incoming requests and routes them to the appropriate microservices for Budget Control. Budget Control Gateway does not properly validate auth tokens, which allows attackers to bypass intended restrictions. This vulnerability is fixed in 1.5.2.

Related Weaknesses (CWE)

CWE-285

References

https://github.com/BudgetControl/Gateway/security/advisories/GHSA-jqx6-gm7f-vp7m

FAQ

What is CVE-2024-52528?

CVE-2024-52528 is a documented vulnerability. Budget Control Gateway acts as an entry point for incoming requests and routes them to the appropriate microservices for Budget Control. Budget Control Gateway does not properly validate auth tokens, ...

How severe is CVE-2024-52528?

CVSS scoring is not yet available for CVE-2024-52528. Check NVD for updates.

Is there a patch for CVE-2024-52528?

Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.