Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
NA

CVE-2024-29296

Published: 10/04/2024 Updated: 10/04/2024

Vulnerability Summary

A user enumeration vulnerability was found in Portainer CE 2.19.4. This issue occurs during user authentication process, where a difference in response time could allow a remote unauthenticated user to determine if a username is valid or not.

Github Repositories

https://github.com/Lavender-exe/CVE-2024-29296-PoC

Portainer CVE-2024-29296 Proof of Concept Script ImportantWill be released once Portainer fixes it in update 222 Requirements pip install -r requirementstxt Usage placeholder Credits Reported by: githubcom/ThaySolis/CVE-2024-29296

References

http://portainer.comhttps://github.com/ThaySolis/CVE-2024-29296https://nvd.nist.govhttps://github.com/Lavender-exe/CVE-2024-29296-PoC
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-20065open redirectCVE-2024-1086path traversalCVE-2024-29825XXECVE-2024-29822CVE-2024-20696CVE-2024-3564
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook