CVE-2024-52311 – Authentication tokens issued via Cognito in data.all are not invalidated on log out, …

9 November 2024

Vuln ID: CVE-2024-52311

Published: 2024-11-09 01:15:04.133

Description: Authentication tokens issued via Cognito in data.all are not invalidated on log out, allowing for previously authenticated user to continue execution of authorized API Requests until token is expired.

Base Score: 6.3 – MEDIUM

Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

Source: NVD.NIST.GOV

Date:

9 November 2024

Categorie(s):

NVD

Tag(s):

NVD

Data Vigilante Leaks 8 Million Employee Records from Amazon, HP and Others12 November 2024
‘Cybersecurity issue’ at Food Lion parent blamed for US grocery mayhem12 November 2024
Biden Administration to Back UN Cybercrime Treaty Amid Controversy12 November 2024
The AI Fix #24: Where are the alien AIs, and are we being softened up for superintelligence?12 November 2024
DeepTempo exits stealth with AI-powered cybersecurity app on Snowflake Marketplace12 November 2024