Miggo Logo
Miggo Vulnerability Database
CVE-2024-2196

CVE-2024-2196: Aim Cross-Site Request Forgery vulnerability allows user to delete runs and perform other operations

8.8

CVSS Score
3.0

Basic Information

CVE ID
CVE-2024-2196
GHSA ID
GHSA-99w2-67h8-5948
EPSS Score
0.71974%
CWE
CWE-352
Published
4/10/2024
Updated
4/10/2024
KEV Status
No
Technology
TechnologyPython

Technical Details

CVSS Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Package NameEcosystemVulnerable VersionsFirst Patched Version
aimpip<= 3.17.5

Vulnerability Intelligence
Miggo AIMiggo AI

Miggo AIRoot Cause Analysis:
In progress

WAF Protection Rules

WAF Rule

*im*u*io/*im is vuln*r**l* to *ross-Sit* R*qu*st *or**ry (*SR*), *llowin* *tt**k*rs to p*r*orm **tions su** *s **l*tin* runs, up**tin* **t*, *n* st**lin* **t* lik* lo* r**or*s *n* not*s wit*out t** us*r's *ons*nt. T** vuln*r**ility st*ms *rom t** l**

Reasoning

No *n*lysis *v*il**l*