4.2

CVSS Score

3.1

Basic Information

CVE ID

CVE-2024-48929

GHSA ID

GHSA-wxw9-6pv9-c3xc

EPSS Score

0.24651%

CWE

CWE-384

Published

10/22/2024

Updated

10/22/2024

KEV Status

Technology

Concerned about an active attack path?

Talk to our security experts and see Miggo in action.

Miggo Vulnerability Database

→

CVE-2024-48929

CVE-2024-48929: Umbraco CMS Has Incomplete Server Termination During Explicit Sign-Out

Impact

During an explicit sign-out, the server session is not fully terminated.

(GitHub Advisory)

4.2

CVSS Score

3.1

Basic Information

CVE ID

CVE-2024-48929

GHSA ID

GHSA-wxw9-6pv9-c3xc

EPSS Score

0.24651%

CWE

CWE-384

Published

10/22/2024

Updated

10/22/2024

KEV Status

Technology

Technical Details

CVSS Vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N

Package Name	Ecosystem	Vulnerable Versions	First Patched Version
Umbraco.CMS	nuget	>= 13.0.0, < 13.5.2	13.5.2
Umbraco.CMS	nuget	>= 10.0.0, < 10.8.7	10.8.7

Vulnerability Intelligence
Miggo AI

Root Cause Analysis:

In progress

WAF Protection Rules

WAF Rule

### Imp**t *urin* *n *xpli*it si*n-out, t** s*rv*r s*ssion is not *ully t*rmin*t**.

Reasoning

No *n*lysis *v*il**l*

4.2

Basic Information

Concerned about an active attack path?

CVE-2024-48929: Umbraco CMS Has Incomplete Server Termination During Explicit Sign-Out

Impact

4.2

Basic Information

Technical Details

Vulnerability IntelligenceMiggo AI

WAF Protection Rules

WAF Rule

Reasoning

Vulnerability Intelligence
Miggo AI