Langflow versions prior to 1.0.13 suffer from a Privilege Escalation vulnerability, allowing a remote and low privileged attacker to gain super admin privileges by performing a mass assignment request on the '/api/v1/users' endpoint.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://www.tenable.com/security/research/tra-2024-26 |
History
No history.
MITRE
Status: PUBLISHED
Assigner: tenable
Published: 2024-07-30T16:13:48.008Z
Updated: 2024-08-01T21:52:31.427Z
Reserved: 2024-07-30T15:07:37.840Z
Link: CVE-2024-7297
Vulnrichment
Updated: 2024-08-01T21:52:31.427Z
NVD
Status : Awaiting Analysis
Published: 2024-07-30T17:15:14.513
Modified: 2024-11-21T09:51:14.313
Link: CVE-2024-7297
Redhat
No data.