Home > Vulnerability Database > CVE-2024-55634

Mend.io Vulnerability Database

CVE-2024-55634

Date: December 9, 2024

A vulnerability in Drupal Core allows Privilege Escalation.This issue affects Drupal Core: from 8.0.0 before 10.2.11, from 10.3.0 before 10.3.9, from 11.0.0 before 11.0.8.

Language: PHP

Severity Score

8.1

Related Resources (5)

Url: https://nvd.nist.gov/vuln/detail/CVE-2024-55634

Url: https://github.com/drupal/core/commit/7ae0e8f1824e15f8b2b06e4da09836250e85e934

Url: https://github.com/drupal/core

Url: https://www.drupal.org/sa-core-2024-004

Url: https://www.mend.io/vulnerability-database/CVE-2024-55634

Severity Score

8.1

Weakness Type (CWE)

Improper Handling of Case Sensitivity

CWE-178

Authentication Bypass by Alternate Name

CWE-289

CVSS v3.1

Base Score:	8.1
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	LOW
Privileges Required (PR):	LOW
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	HIGH
Integrity (I):	HIGH
Availability (A):	NONE

Mend.io Vulnerability Database

We found results for “”

CVE-2024-55634

Date: December 9, 2024

Language: PHP

Severity Score

Related Resources (5)

Severity Score

Weakness Type (CWE)

CVSS v3.1

Do you need more information?