Authentications Bypass Using an Alternate Path or Channel Vulnerability
CVE-2024-50489

9.8CRITICAL

Key Information:

Vendor: WordPress
Status: Realty Workstation
Vendor: CVE Published:; 28 October 2024

What is CVE-2024-50489?

The vulnerability in Realty Workstation allows attackers to bypass authentication mechanisms using alternate paths or channels, potentially leading to unauthorized access. This flaw primarily affects versions prior to 1.0.45, posing significant security risks if not addressed. Users of Realty Workstation are advised to review their configurations and update to the latest version to mitigate vulnerabilities associated with authentication processes.

Affected Version(s)

Realty Workstation <= 1.0.45

References

https://patchstack.com/database/vulnerability/realty-work...

vdb-entry

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 28, 2024
Vulnerability Reserved
Oct 24, 2024

Credit

ghsinfosec (Patchstack Alliance)

WordPress

What is CVE-2024-50489?

Affected Version(s)

References

CVSS V3.1

Timeline

Credit