CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2024-47876

Sakai is a Collaboration and Learning Environment. Starting in version 23.0 and prior to version 23.2, kernel users created with type roleview can log in as a normal user. This can result in illegal access being granted to the system. Version 23.3 fixes this vulnerability.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 31.5%

CVSS Severity

CVSS v3 Score 8.8

References

https://github.com/sakaiproject/sakai/commit/a9aadd9347cfb204515e89ac0163e1be9e56cc41
https://github.com/sakaiproject/sakai/security/advisories/GHSA-cx95-q6gx-w4qp
https://sakaiproject.atlassian.net/browse/SAK-50571

Products affected by CVE-2024-47876

Sakailms » Sakai » Version: 23.0

cpe:2.3:a:sakailms:sakai:23.0
Sakailms » Sakai » Version: 23.1

cpe:2.3:a:sakailms:sakai:23.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-47876

Products

Pricing

Contact Us