Authentication Method Confusion in CodeChecker by Ericsson
CVE-2024-10082
What is CVE-2024-10082?
The vulnerability in CodeChecker opens pathways for unauthorized access due to an authentication method confusion. This arises from the built-in root user generated through a weak mechanism that cannot be disabled and possesses universal access. An attacker with the capability to create an account on an enabled external authentication service can potentially log in as the root user if they acquire the username. This allows them to gain control over all functions accessible via the web interface, leading to significant security implications. This issue impacts CodeChecker in versions up to and including 6.24.1.
Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.
Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.