{"id":"CVE-2024-6895","details":"Insufficient authentication in user account management in Yugabyte Platform allows local network attackers with a compromised user session to change critical security information without re-authentication. An attacker with user session and access to application can modify settings such as password and email without being prompted for the current password, enabling account takeover.","modified":"2026-04-12T16:55:27.584032Z","published":"2024-07-19T15:15:10.547Z","references":[{"type":"FIX","url":"https://github.com/yugabyte/yugabyte-db/commit/9687371d8777f876285b737a9d01995bc46bafa5"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/yugabyte/yugabyte-db","events":[{"introduced":"0"},{"fixed":"9687371d8777f876285b737a9d01995bc46bafa5"}]},{"type":"GIT","repo":"https://github.com/yugabyte/yugabyte-db","events":[{"introduced":"0"},{"fixed":"9687371d8777f876285b737a9d01995bc46bafa5"}]}],"versions":["2.17.3.0-b25_FINAL","2.19.0.0-b100","2.19.0.0-b101","2.19.0.0-b102","2.19.0.0-b103","2.19.0.0-b104","2.19.0.0-b105","2.19.0.0-b106","2.19.0.0-b107","2.19.0.0-b108","2.19.0.0-b109","2.19.0.0-b110","2.19.0.0-b111","2.19.0.0-b112","2.19.0.0-b113","2.19.0.0-b114","2.19.0.0-b123","2.19.0.0-b126","2.19.0.0-b127","2.19.0.0-b128","2.19.0.0-b129","2.19.0.0-b142","2.19.0.0-b143","2.19.0.0-b144","2.19.0.0-b145","2.19.0.0-b146","2.19.0.0-b147","2.19.0.0-b148","2.19.0.0-b149","2.19.0.0-b168","2.19.0.0-b169","2.19.0.0-b170","2.19.0.0-b171","2.19.0.0-b172","2.19.0.0-b173","2.19.0.0-b174","2.19.0.0-b175","2.19.0.0-b176","2.19.0.0-b177","2.19.0.0-b178","2.19.0.0-b179","2.19.0.0-b180","2.19.0.0-b181","2.19.0.0-b183","2.19.0.0-b184","2.19.0.0-b185","2.19.0.0-b34","2.19.0.0-b35","2.19.0.0-b36","2.19.0.0-b37","2.19.0.0-b38","2.19.0.0-b39","2.19.0.0-b40","2.19.0.0-b41","2.19.0.0-b42","2.19.0.0-b43","2.19.0.0-b44","2.19.0.0-b45","2.19.0.0-b46","2.19.0.0-b47","2.19.0.0-b49","2.19.0.0-b50","2.19.0.0-b51","2.19.0.0-b62","2.19.0.0-b63","2.19.0.0-b64","2.19.0.0-b65","2.19.0.0-b66","2.19.0.0-b67","2.19.0.0-b68","2.19.0.0-b69","2.19.0.0-b70","2.19.0.0-b71","2.19.0.0-b72","2.19.0.0-b74","2.19.0.0-b75","2.19.0.0-b76","2.19.0.0-b77","2.19.0.0-b78","2.19.0.0-b79","2.19.0.0-b80","2.19.0.0-b81","2.19.0.0-b82","2.19.0.0-b83","2.19.0.0-b85","2.19.0.0-b87","2.19.0.0-b88","2.19.0.0-b91","2.19.0.0-b92","2.19.0.0-b93","2.19.0.0-b94","2.19.0.0-b95","2.19.0.0-b97","2.19.1.0-b1","2.19.1.0-b10","2.19.1.0-b101","2.19.1.0-b102","2.19.1.0-b103","2.19.1.0-b104","2.19.1.0-b106","2.19.1.0-b107","2.19.1.0-b108","2.19.1.0-b109","2.19.1.0-b11","2.19.1.0-b110","2.19.1.0-b111","2.19.1.0-b112","2.19.1.0-b113","2.19.1.0-b114","2.19.1.0-b115","2.19.1.0-b116","2.19.1.0-b117","2.19.1.0-b118","2.19.1.0-b119","2.19.1.0-b12","2.19.1.0-b120","2.19.1.0-b121","2.19.1.0-b122","2.19.1.0-b123","2.19.1.0-b124","2.19.1.0-b125","2.19.1.0-b126","2.19.1.0-b128","2.19.1.0-b129","2.19.1.0-b13","2.19.1.0-b131","2.19.1.0-b132","2.19.1.0-b134","2.19.1.0-b135","2.19.1.0-b136","2.19.1.0-b137","2.19.1.0-b138","2.19.1.0-b139","2.19.1.0-b14","2.19.1.0-b140","2.19.1.0-b141","2.19.1.0-b143","2.19.1.0-b144","2.19.1.0-b145","2.19.1.0-b146","2.19.1.0-b147","2.19.1.0-b148","2.19.1.0-b149","2.19.1.0-b15","2.19.1.0-b150","2.19.1.0-b151","2.19.1.0-b152","2.19.1.0-b153","2.19.1.0-b154","2.19.1.0-b155","2.19.1.0-b156","2.19.1.0-b157","2.19.1.0-b158","2.19.1.0-b159","2.19.1.0-b16","2.19.1.0-b160","2.19.1.0-b162","2.19.1.0-b163","2.19.1.0-b164","2.19.1.0-b166","2.19.1.0-b167","2.19.1.0-b168","2.19.1.0-b169","2.19.1.0-b17","2.19.1.0-b170","2.19.1.0-b172","2.19.1.0-b173","2.19.1.0-b174","2.19.1.0-b175","2.19.1.0-b176","2.19.1.0-b178","2.19.1.0-b179","2.19.1.0-b181","2.19.1.0-b182","2.19.1.0-b183","2.19.1.0-b184","2.19.1.0-b185","2.19.1.0-b186","2.19.1.0-b187","2.19.1.0-b188","2.19.1.0-b189","2.19.1.0-b191","2.19.1.0-b192","2.19.1.0-b193","2.19.1.0-b194","2.19.1.0-b195","2.19.1.0-b197","2.19.1.0-b199","2.19.1.0-b200","2.19.1.0-b201","2.19.1.0-b202","2.19.1.0-b203","2.19.1.0-b204","2.19.1.0-b205","2.19.1.0-b206","2.19.1.0-b207","2.19.1.0-b208","2.19.1.0-b209","2.19.1.0-b21","2.19.1.0-b210","2.19.1.0-b211","2.19.1.0-b212","2.19.1.0-b213","2.19.1.0-b214","2.19.1.0-b215","2.19.1.0-b216","2.19.1.0-b218","2.19.1.0-b219","2.19.1.0-b22","2.19.1.0-b220","2.19.1.0-b221","2.19.1.0-b222","2.19.1.0-b223","2.19.1.0-b224","2.19.1.0-b225","2.19.1.0-b226","2.19.1.0-b227","2.19.1.0-b228","2.19.1.0-b229","2.19.1.0-b23","2.19.1.0-b230","2.19.1.0-b231","2.19.1.0-b232","2.19.1.0-b234","2.19.1.0-b235","2.19.1.0-b236","2.19.1.0-b237","2.19.1.0-b238","2.19.1.0-b239","2.19.1.0-b24","2.19.1.0-b242","2.19.1.0-b243","2.19.1.0-b244","2.19.1.0-b245","2.19.1.0-b246","2.19.1.0-b247","2.19.1.0-b248","2.19.1.0-b249","2.19.1.0-b25","2.19.1.0-b250","2.19.1.0-b251","2.19.1.0-b252","2.19.1.0-b253","2.19.1.0-b26","2.19.1.0-b261","2.19.1.0-b262","2.19.1.0-b263","2.19.1.0-b264","2.19.1.0-b265","2.19.1.0-b266","2.19.1.0-b267","2.19.1.0-b268","2.19.1.0-b269","2.19.1.0-b27","2.19.1.0-b270","2.19.1.0-b271","2.19.1.0-b272","2.19.1.0-b273","2.19.1.0-b274","2.19.1.0-b275","2.19.1.0-b276","2.19.1.0-b277","2.19.1.0-b278","2.19.1.0-b279","2.19.1.0-b280","2.19.1.0-b281","2.19.1.0-b282","2.19.1.0-b284","2.19.1.0-b285","2.19.1.0-b286","2.19.1.0-b287","2.19.1.0-b288","2.19.1.0-b291","2.19.1.0-b292","2.19.1.0-b293","2.19.1.0-b294","2.19.1.0-b296","2.19.1.0-b297","2.19.1.0-b298","2.19.1.0-b299","2.19.1.0-b300","2.19.1.0-b301","2.19.1.0-b304","2.19.1.0-b305","2.19.1.0-b306","2.19.1.0-b31","2.19.1.0-b315","2.19.1.0-b316","2.19.1.0-b317","2.19.1.0-b319","2.19.1.0-b32","2.19.1.0-b320","2.19.1.0-b321","2.19.1.0-b322","2.19.1.0-b323","2.19.1.0-b324","2.19.1.0-b325","2.19.1.0-b326","2.19.1.0-b327","2.19.1.0-b33","2.19.1.0-b334","2.19.1.0-b336","2.19.1.0-b337","2.19.1.0-b34","2.19.1.0-b343","2.19.1.0-b345","2.19.1.0-b348","2.19.1.0-b35","2.19.1.0-b350","2.19.1.0-b352","2.19.1.0-b357","2.19.1.0-b36","2.19.1.0-b361","2.19.1.0-b362","2.19.1.0-b363","2.19.1.0-b364","2.19.1.0-b365","2.19.1.0-b367","2.19.1.0-b369","2.19.1.0-b370","2.19.1.0-b371","2.19.1.0-b373","2.19.1.0-b374","2.19.1.0-b375","2.19.1.0-b376","2.19.1.0-b378","2.19.1.0-b379","2.19.1.0-b38","2.19.1.0-b380","2.19.1.0-b381","2.19.1.0-b383","2.19.1.0-b385","2.19.1.0-b386","2.19.1.0-b388","2.19.1.0-b389","2.19.1.0-b39","2.19.1.0-b392","2.19.1.0-b393","2.19.1.0-b394","2.19.1.0-b395","2.19.1.0-b396","2.19.1.0-b397","2.19.1.0-b398","2.19.1.0-b4","2.19.1.0-b40","2.19.1.0-b41","2.19.1.0-b42","2.19.1.0-b43","2.19.1.0-b44","2.19.1.0-b45","2.19.1.0-b46","2.19.1.0-b47","2.19.1.0-b48","2.19.1.0-b49","2.19.1.0-b5","2.19.1.0-b50","2.19.1.0-b51","2.19.1.0-b52","2.19.1.0-b53","2.19.1.0-b54","2.19.1.0-b55","2.19.1.0-b57","2.19.1.0-b58","2.19.1.0-b60","2.19.1.0-b61","2.19.1.0-b62","2.19.1.0-b63","2.19.1.0-b64","2.19.1.0-b65","2.19.1.0-b66","2.19.1.0-b67","2.19.1.0-b68","2.19.1.0-b69","2.19.1.0-b70","2.19.1.0-b71","2.19.1.0-b73","2.19.1.0-b74","2.19.1.0-b75","2.19.1.0-b77","2.19.1.0-b78","2.19.1.0-b79","2.19.1.0-b80","2.19.1.0-b81","2.19.1.0-b82","2.19.1.0-b83","2.19.1.0-b84","2.19.1.0-b85","2.19.1.0-b87","2.19.1.0-b88","2.19.1.0-b89","2.19.1.0-b9","2.19.1.0-b90","2.19.1.0-b91","2.19.1.0-b92","2.19.1.0-b93","2.19.1.0-b94","2.19.1.0-b95","2.19.1.0-b96","2.19.1.0-b97","2.19.1.0-b98","2.19.1.0-b99","2.19.1.0-b9999","2.19.1.2322-b4","2.19.1.2322-b5","2.19.1.2322-b6","2.19.2.0-b100","2.19.2.0-b101","2.19.2.0-b11","2.19.2.0-b12","2.19.2.0-b13","2.19.2.0-b14","2.19.2.0-b17","2.19.2.0-b18","2.19.2.0-b19","2.19.2.0-b20","2.19.2.0-b21","2.19.2.0-b22","2.19.2.0-b23","2.19.2.0-b24","2.19.2.0-b25","2.19.2.0-b26","2.19.2.0-b27","2.19.2.0-b28","2.19.2.0-b29","2.19.2.0-b3","2.19.2.0-b30","2.19.2.0-b31","2.19.2.0-b32","2.19.2.0-b33","2.19.2.0-b34","2.19.2.0-b35","2.19.2.0-b37","2.19.2.0-b38","2.19.2.0-b4","2.19.2.0-b40","2.19.2.0-b43","2.19.2.0-b44","2.19.2.0-b45","2.19.2.0-b46","2.19.2.0-b47","2.19.2.0-b48","2.19.2.0-b49","2.19.2.0-b5","2.19.2.0-b50","2.19.2.0-b51","2.19.2.0-b52","2.19.2.0-b53","2.19.2.0-b56","2.19.2.0-b57","2.19.2.0-b58","2.19.2.0-b59","2.19.2.0-b60","2.19.2.0-b61","2.19.2.0-b62","2.19.2.0-b63","2.19.2.0-b65","2.19.2.0-b66","2.19.2.0-b67","2.19.2.0-b68","2.19.2.0-b69","2.19.2.0-b7","2.19.2.0-b70","2.19.2.0-b71","2.19.2.0-b72","2.19.2.0-b73","2.19.2.0-b74","2.19.2.0-b75","2.19.2.0-b76","2.19.2.0-b77","2.19.2.0-b78","2.19.2.0-b79","2.19.2.0-b80","2.19.2.0-b83","2.19.2.0-b84","2.19.2.0-b85","2.19.2.0-b86","2.19.2.0-b87","2.19.2.0-b88","2.19.2.0-b89","2.19.2.0-b9","2.19.2.0-b90","2.19.2.0-b92","2.19.2.0-b93","2.19.2.0-b94","2.19.2.0-b95","2.19.2.0-b96","2.19.2.0-b97","2.19.2.0-b98","2.19.2.0-b99","2.19.3.0-b1","2.19.3.0-b10","2.19.3.0-b100","2.19.3.0-b101","2.19.3.0-b102","2.19.3.0-b103","2.19.3.0-b104","2.19.3.0-b105","2.19.3.0-b106","2.19.3.0-b107","2.19.3.0-b108","2.19.3.0-b109","2.19.3.0-b11","2.19.3.0-b110","2.19.3.0-b111","2.19.3.0-b112","2.19.3.0-b114","2.19.3.0-b115","2.19.3.0-b116","2.19.3.0-b117","2.19.3.0-b118","2.19.3.0-b119","2.19.3.0-b12","2.19.3.0-b120","2.19.3.0-b121","2.19.3.0-b122","2.19.3.0-b123","2.19.3.0-b124","2.19.3.0-b125","2.19.3.0-b127","2.19.3.0-b128","2.19.3.0-b13","2.19.3.0-b130","2.19.3.0-b131","2.19.3.0-b132","2.19.3.0-b133","2.19.3.0-b134","2.19.3.0-b135","2.19.3.0-b136","2.19.3.0-b14","2.19.3.0-b15","2.19.3.0-b16","2.19.3.0-b17","2.19.3.0-b18","2.19.3.0-b19","2.19.3.0-b2","2.19.3.0-b20","2.19.3.0-b21","2.19.3.0-b22","2.19.3.0-b23","2.19.3.0-b24","2.19.3.0-b25","2.19.3.0-b26","2.19.3.0-b27","2.19.3.0-b28","2.19.3.0-b29","2.19.3.0-b30","2.19.3.0-b31","2.19.3.0-b32","2.19.3.0-b33","2.19.3.0-b34","2.19.3.0-b35","2.19.3.0-b36","2.19.3.0-b37","2.19.3.0-b38","2.19.3.0-b39","2.19.3.0-b4","2.19.3.0-b40","2.19.3.0-b41","2.19.3.0-b42","2.19.3.0-b43","2.19.3.0-b44","2.19.3.0-b45","2.19.3.0-b46","2.19.3.0-b47","2.19.3.0-b48","2.19.3.0-b49","2.19.3.0-b50","2.19.3.0-b51","2.19.3.0-b52","2.19.3.0-b53","2.19.3.0-b54","2.19.3.0-b55","2.19.3.0-b56","2.19.3.0-b57","2.19.3.0-b58","2.19.3.0-b59","2.19.3.0-b6","2.19.3.0-b60","2.19.3.0-b62","2.19.3.0-b63","2.19.3.0-b64","2.19.3.0-b65","2.19.3.0-b66","2.19.3.0-b67","2.19.3.0-b68","2.19.3.0-b7","2.19.3.0-b70","2.19.3.0-b71","2.19.3.0-b72","2.19.3.0-b73","2.19.3.0-b76","2.19.3.0-b77","2.19.3.0-b78","2.19.3.0-b79","2.19.3.0-b8","2.19.3.0-b80","2.19.3.0-b81","2.19.3.0-b82","2.19.3.0-b83","2.19.3.0-b84","2.19.3.0-b85","2.19.3.0-b86","2.19.3.0-b87","2.19.3.0-b88","2.19.3.0-b89","2.19.3.0-b9","2.19.3.0-b91","2.19.3.0-b93","2.19.3.0-b94","2.19.3.0-b95","2.19.3.0-b96","2.19.3.0-b97","2.19.3.0-b98","2.19.3.0-b99","2.19.3.0-b9999","2.20.0.0-b1","2.20.0.0-b10","2.20.0.0-b11","2.20.0.0-b13","2.20.0.0-b14","2.20.0.0-b15","2.20.0.0-b16","2.20.0.0-b17","2.20.0.0-b18","2.20.0.0-b19","2.20.0.0-b2","2.20.0.0-b20","2.20.0.0-b26","2.20.0.0-b27","2.20.0.0-b29","2.20.0.0-b3","2.20.0.0-b30","2.20.0.0-b31","2.20.0.0-b32","2.20.0.0-b33","2.20.0.0-b34","2.20.0.0-b35","2.20.0.0-b36","2.20.0.0-b37","2.20.0.0-b39","2.20.0.0-b4","2.20.0.0-b40","2.20.0.0-b41","2.20.0.0-b42","2.20.0.0-b43","2.20.0.0-b44","2.20.0.0-b45","2.20.0.0-b46","2.20.0.0-b47","2.20.0.0-b48","2.20.0.0-b49","2.20.0.0-b50","2.20.0.0-b51","2.20.0.0-b52","2.20.0.0-b53","2.20.0.0-b54","2.20.0.0-b55","2.20.0.0-b56","2.20.0.0-b57","2.20.0.0-b58","2.20.0.0-b59","2.20.0.0-b6","2.20.0.0-b60","2.20.0.0-b61","2.20.0.0-b62","2.20.0.0-b63","2.20.0.0-b64","2.20.0.0-b65","2.20.0.0-b66","2.20.0.0-b67","2.20.0.0-b68","2.20.0.0-b69","2.20.0.0-b7","2.20.0.0-b70","2.20.0.0-b71","2.20.0.0-b72","2.20.0.0-b73","2.20.0.0-b74","2.20.0.0-b75","2.20.0.0-b8","2.20.0.0-b9","2.20.1.0-b1","2.20.1.0-b10","2.20.1.0-b11","2.20.1.0-b12","2.20.1.0-b13","2.20.1.0-b14","2.20.1.0-b15","2.20.1.0-b16","2.20.1.0-b17","2.20.1.0-b19","2.20.1.0-b2","2.20.1.0-b20","2.20.1.0-b21","2.20.1.0-b22","2.20.1.0-b23","2.20.1.0-b24","2.20.1.0-b25","2.20.1.0-b26","2.20.1.0-b27","2.20.1.0-b28","2.20.1.0-b29","2.20.1.0-b3","2.20.1.0-b30","2.20.1.0-b31","2.20.1.0-b32","2.20.1.0-b33","2.20.1.0-b34","2.20.1.0-b35","2.20.1.0-b36","2.20.1.0-b37","2.20.1.0-b38","2.20.1.0-b39","2.20.1.0-b4","2.20.1.0-b40","2.20.1.0-b41","2.20.1.0-b42","2.20.1.0-b43","2.20.1.0-b44","2.20.1.0-b45","2.20.1.0-b46","2.20.1.0-b47","2.20.1.0-b48","2.20.1.0-b49","2.20.1.0-b5","2.20.1.0-b50","2.20.1.0-b52","2.20.1.0-b53","2.20.1.0-b54","2.20.1.0-b55","2.20.1.0-b56","2.20.1.0-b57","2.20.1.0-b58","2.20.1.0-b59","2.20.1.0-b6","2.20.1.0-b60","2.20.1.0-b61","2.20.1.0-b62","2.20.1.0-b63","2.20.1.0-b64","2.20.1.0-b65","2.20.1.0-b66","2.20.1.0-b67","2.20.1.0-b68","2.20.1.0-b69","2.20.1.0-b7","2.20.1.0-b70","2.20.1.0-b71","2.20.1.0-b72","2.20.1.0-b8","2.20.1.0-b9","2.20.2.0-b1","2.20.2.0-b10","2.20.2.0-b100","2.20.2.0-b101","2.20.2.0-b102","2.20.2.0-b103","2.20.2.0-b104","2.20.2.0-b105","2.20.2.0-b106","2.20.2.0-b107","2.20.2.0-b108","2.20.2.0-b109","2.20.2.0-b11","2.20.2.0-b110","2.20.2.0-b111","2.20.2.0-b112","2.20.2.0-b113","2.20.2.0-b114","2.20.2.0-b115","2.20.2.0-b116","2.20.2.0-b117","2.20.2.0-b118","2.20.2.0-b119","2.20.2.0-b12","2.20.2.0-b120","2.20.2.0-b121","2.20.2.0-b122","2.20.2.0-b123","2.20.2.0-b124","2.20.2.0-b125","2.20.2.0-b126","2.20.2.0-b127","2.20.2.0-b128","2.20.2.0-b129","2.20.2.0-b13","2.20.2.0-b130","2.20.2.0-b133","2.20.2.0-b134","2.20.2.0-b135","2.20.2.0-b136","2.20.2.0-b137","2.20.2.0-b138","2.20.2.0-b139","2.20.2.0-b14","2.20.2.0-b15","2.20.2.0-b2","2.20.2.0-b21","2.20.2.0-b22","2.20.2.0-b23","2.20.2.0-b24","2.20.2.0-b25","2.20.2.0-b26","2.20.2.0-b27","2.20.2.0-b28","2.20.2.0-b29","2.20.2.0-b3","2.20.2.0-b30","2.20.2.0-b31","2.20.2.0-b32","2.20.2.0-b33","2.20.2.0-b34","2.20.2.0-b35","2.20.2.0-b36","2.20.2.0-b37","2.20.2.0-b38","2.20.2.0-b39","2.20.2.0-b4","2.20.2.0-b40","2.20.2.0-b41","2.20.2.0-b42","2.20.2.0-b43","2.20.2.0-b44","2.20.2.0-b45","2.20.2.0-b46","2.20.2.0-b47","2.20.2.0-b49","2.20.2.0-b5","2.20.2.0-b50","2.20.2.0-b51","2.20.2.0-b52","2.20.2.0-b53","2.20.2.0-b54","2.20.2.0-b55","2.20.2.0-b56","2.20.2.0-b57","2.20.2.0-b58","2.20.2.0-b59","2.20.2.0-b6","2.20.2.0-b60","2.20.2.0-b61","2.20.2.0-b62","2.20.2.0-b63","2.20.2.0-b64","2.20.2.0-b65","2.20.2.0-b66","2.20.2.0-b67","2.20.2.0-b68","2.20.2.0-b69","2.20.2.0-b7","2.20.2.0-b70","2.20.2.0-b71","2.20.2.0-b72","2.20.2.0-b73","2.20.2.0-b74","2.20.2.0-b75","2.20.2.0-b76","2.20.2.0-b77","2.20.2.0-b78","2.20.2.0-b79","2.20.2.0-b8","2.20.2.0-b81","2.20.2.0-b82","2.20.2.0-b83","2.20.2.0-b84","2.20.2.0-b85","2.20.2.0-b86","2.20.2.0-b87","2.20.2.0-b88","2.20.2.0-b89","2.20.2.0-b9","2.20.2.0-b90","2.20.2.0-b91","2.20.2.0-b92","2.20.2.0-b93","2.20.2.0-b94","2.20.2.0-b95","2.20.2.0-b96","2.20.2.0-b97","2.20.2.0-b98","2.20.2.0-b99","2.20.3.0-b1","2.20.3.0-b10","2.20.3.0-b11","2.20.3.0-b12","2.20.3.0-b13","2.20.3.0-b14","2.20.3.0-b15","2.20.3.0-b16","2.20.3.0-b18","2.20.3.0-b19","2.20.3.0-b2","2.20.3.0-b20","2.20.3.0-b22","2.20.3.0-b23","2.20.3.0-b25","2.20.3.0-b26","2.20.3.0-b27","2.20.3.0-b28","2.20.3.0-b30","2.20.3.0-b31","2.20.3.0-b32","2.20.3.0-b33","2.20.3.0-b34","2.20.3.0-b35","2.20.3.0-b36","2.20.3.0-b38","2.20.3.0-b4","2.20.3.0-b40","2.20.3.0-b41","2.20.3.0-b42","2.20.3.0-b43","2.20.3.0-b44","2.20.3.0-b45","2.20.3.0-b46","2.20.3.0-b47","2.20.3.0-b48","2.20.3.0-b5","2.20.3.0-b54","2.20.3.0-b55","2.20.3.0-b56","2.20.3.0-b57","2.20.3.0-b58","2.20.3.0-b59","2.20.3.0-b6","2.20.3.0-b60","2.20.3.0-b61","2.20.3.0-b62","2.20.3.0-b63","2.20.3.0-b64","2.20.3.0-b65","2.20.3.0-b66","2.20.3.0-b7","2.20.3.0-b8","2.20.3.0-b9","2.20.4.0-b1","2.20.4.0-b10","2.20.4.0-b11","2.20.4.0-b12","2.20.4.0-b13","2.20.4.0-b14","2.20.4.0-b15","2.20.4.0-b16","2.20.4.0-b17","2.20.4.0-b18","2.20.4.0-b19","2.20.4.0-b2","2.20.4.0-b20","2.20.4.0-b21","2.20.4.0-b22","2.20.4.0-b23","2.20.4.0-b25","2.20.4.0-b26","2.20.4.0-b27","2.20.4.0-b28","2.20.4.0-b29","2.20.4.0-b3","2.20.4.0-b30","2.20.4.0-b31","2.20.4.0-b4","2.20.4.0-b5","2.20.4.0-b6","2.20.4.0-b7","2.20.4.0-b8","2.5.0.0","v0.9.4.0-b32","v0.9.5.0","v0.9.6","v0.9.7","v0.9.8","v1.0.0","v1.0.0-beta-yugabyted-ui","v1.0.4","v1.0.5","v1.1.0","v1.2.0","v1.2.12","v1.2.4","v1.3.0","v1.3.1","v1.3.1f10e23d319a5e5df008467d19ebab95ce631a977","v1.3.2","v2.0.0","v2.0.1","v2.0.10","v2.0.11","v2.0.2","v2.0.3","v2.0.6","v2.0.7","v2.0.8","v2.0.9","v2.1.0","v2.1.1","v2.1.2","v2.1.3","v2.1.4","v2.1.5","v2.1.6","v2.3.0.0","v2.3.1.0","v2.3.2.0","v2.5.1","v2.5.2","v2.5.3"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-6895.json","vanir_signatures":[{"deprecated":false,"source":"https://github.com/yugabyte/yugabyte-db/commit/9687371d8777f876285b737a9d01995bc46bafa5","signature_version":"v1","digest":{"function_hash":"238964373452549663257251932304738075087","length":890},"target":{"file":"managed/src/test/java/com/yugabyte/yw/controllers/UsersControllerTest.java","function":"testUpdateUserProfileValidOnlyPassword"},"signature_type":"Function","id":"CVE-2024-6895-169284c8"},{"deprecated":false,"source":"https://github.com/yugabyte/yugabyte-db/commit/9687371d8777f876285b737a9d01995bc46bafa5","signature_version":"v1","digest":{"function_hash":"143555286364527243140061390472701025452","length":778},"target":{"file":"managed/src/test/java/com/yugabyte/yw/controllers/UsersControllerTest.java","function":"testPasswordChangeInvalidPassword"},"signature_type":"Function","id":"CVE-2024-6895-1e0cccb2"},{"deprecated":false,"source":"https://github.com/yugabyte/yugabyte-db/commit/9687371d8777f876285b737a9d01995bc46bafa5","signature_version":"v1","digest":{"function_hash":"149133980081874155652305980922866881535","length":1073},"target":{"file":"managed/src/test/java/com/yugabyte/yw/controllers/UsersControllerTest.java","function":"testUpdateUserProfileNullifyTimezone"},"signature_type":"Function","id":"CVE-2024-6895-24357a1c"},{"deprecated":false,"source":"https://github.com/yugabyte/yugabyte-db/commit/9687371d8777f876285b737a9d01995bc46bafa5","signature_version":"v1","digest":{"function_hash":"194835205870919087484785019312383074235","length":1111},"target":{"file":"managed/src/test/java/com/yugabyte/yw/controllers/UsersControllerTest.java","function":"testUpdateUserProfileValid"},"signature_type":"Function","id":"CVE-2024-6895-57e14abf"},{"deprecated":false,"source":"https://github.com/yugabyte/yugabyte-db/commit/9687371d8777f876285b737a9d01995bc46bafa5","signature_version":"v1","digest":{"threshold":0.9,"line_hashes":["221954258843129905092461824339088703488","189055111379491193824982451105330234672","296868805285795244603188251743167261393","139991841111366215294450660057197677579","324566051529180370493810080138063837343","17494261785147379361842817287472465512","20522370051166458158050488280298230053","244515948328907504651681440880947434290","140022381546428663102301106445049229359","80544288545216299503154082108437567418","93421919138892481068406024939468630916","301413765618320360323394464386563057143","334244901324713293601244956970699021821","137473671738508866631489410991256528605","308995948438744566838744759763475017398","61707086101852707243700754116331255876","278032983532089276082340558142368681409","32114590439602919276836430300407682942","92940421073132649787057308294222826047","4963522875977362775434220524510814872","155346094285145684677138253307536163654","18109905741285251012175914807313051249","172397210954310268230949611838121246002","138532111079202085851949190709513462243"]},"target":{"file":"managed/src/main/java/com/yugabyte/yw/rbac/handlers/AuthorizationHandler.java"},"signature_type":"Line","id":"CVE-2024-6895-9b212c9a"},{"deprecated":false,"source":"https://github.com/yugabyte/yugabyte-db/commit/9687371d8777f876285b737a9d01995bc46bafa5","signature_version":"v1","digest":{"threshold":0.9,"line_hashes":["26321677373176286356460168310404404924","38029626468336420718574741806170635640","62553867366308554820558356078978096774","192150148749309895819672499616724345515"]},"target":{"file":"managed/src/main/java/com/yugabyte/yw/common/RedactingService.java"},"signature_type":"Line","id":"CVE-2024-6895-9cd5fb00"},{"deprecated":false,"source":"https://github.com/yugabyte/yugabyte-db/commit/9687371d8777f876285b737a9d01995bc46bafa5","signature_version":"v1","digest":{"function_hash":"36262955468535495196093791459001094786","length":259},"target":{"file":"managed/src/test/java/com/yugabyte/yw/controllers/UsersControllerTest.java","function":"setUp"},"signature_type":"Function","id":"CVE-2024-6895-a18848b3"},{"deprecated":false,"source":"https://github.com/yugabyte/yugabyte-db/commit/9687371d8777f876285b737a9d01995bc46bafa5","signature_version":"v1","digest":{"threshold":0.9,"line_hashes":["326415609636096164901291895346679064680","298152909351094244796869867757858602913","128512709214130369533833023104096788026","159532982956982250735847366349459063191","26419059889531928922932627294133641543","297846214686697129386226114145077970168","46097254031552621874132827133783071695","185866354728001036161656366776396371611","251875045896436925334071535604128541068","175493583298614036217158563834079372981","199923582412401960442889247622350927364","335703851974337726036396115035609152037","292557168745466521140154416368891193261","261087039907919605957749581356859360725","191653986073340560251743109776924569716","68643866534324391027260581395431230015","255723323192999641919612041561007333514","261134172649569442466723027818612155037","248666839776606506435280356724817325364","10585987604019295945311538670147365463","82531610282056918855813950275795325797","231775534482322771493235955544555262188","297944956211191018901874741811339991327","49183759075512775593987441521955554551","171301227671100890109977340405702618449","7181375929154412362108942031410514285","151290630918516271496192746529847537505","245963785967892417711114914051628966653","327814501393872007483181465246755986115","338277499625139139344495605701732563296","154888016761659538920370820179284260968","277919677742684730440057771326309021420","148951148463620034320853993741541093178","78907833474055895116843771169278874746","96991896219440762605384190476786123336","196231316704569454178454370154924313789","125571193865282501578148937267913441131","103731371960293352906917190408509755110","116098005551718557055260608735187183242","84014681734988156499325043630304280024","95061489157951142259157201239268852377","97282262417947906755511006747359411067","258414524541643706957974892254812298861","283106770642912082463458828992015783613","298333857478925737009663276478300445855","138091800922334408301901177506854663525","251677730246463453326789307825386544155","304182955349005931526488481122326884148","133708970437109974660349379886236699709","337698393293564631379616829356406437198","15963932301687891669892805775407076575","21600314893138716996607819098891167397","189316960305257622392921843645347730866","189921456224339442461066912811897678704","1048106638043349438675702840383728173","168800700335205717804123977501224852430","338941496630847652935932625716753464829","237722828634425176750920727542483824376","154888016761659538920370820179284260968","277919677742684730440057771326309021420","148951148463620034320853993741541093178","78907833474055895116843771169278874746","239575283920097119536470724121465356417","187642849992065728781255104329830261403","182796925872711245324699100454653441358","285440981131593004559891448541675018372","14092248491599145272017974681645365148","74750732002684589526133006443447089460","173214807145808808336209340238746893459","10354451427533759736669511146476862388","316755477883378178425165759304972546109","96528121339453985006561069102411635843","288360187849311759026212698235368614904","25897477046009780195706251522465118742"]},"target":{"file":"managed/src/main/java/com/yugabyte/yw/controllers/UsersController.java"},"signature_type":"Line","id":"CVE-2024-6895-aa2a1b09"},{"deprecated":false,"source":"https://github.com/yugabyte/yugabyte-db/commit/9687371d8777f876285b737a9d01995bc46bafa5","signature_version":"v1","digest":{"function_hash":"18703274237619741009699678654879260194","length":872},"target":{"file":"managed/src/test/java/com/yugabyte/yw/controllers/UsersControllerTest.java","function":"testUpdateUserProfileInvalidPassword"},"signature_type":"Function","id":"CVE-2024-6895-b4af64a0"},{"deprecated":false,"source":"https://github.com/yugabyte/yugabyte-db/commit/9687371d8777f876285b737a9d01995bc46bafa5","signature_version":"v1","digest":{"threshold":0.9,"line_hashes":["120005149001946206336292075069416215719","70162802048050543570222152913330425986","144554300580073787425822542163490623393","48561982941994781370378052192437687742","52701455977616860875344428526499740579","198686944104796747411086114931676874646","208484704621978464385359701990470252500","333752982196500653570419344445311049950","168634041682837025806706475448842919757","294518181494534257463470022366507489981","325905825988335201815848335344005158712","309129141571898273528199442075610792296","246088298842752267679530471006695065357","36766503988661380382767941572048777491","135335270848263168321169580464049387995","280793010126232641662236906692956681410","183295225560929702679727435707684937296","180799156496038172686381461079301175520","12206569784226528800882937745899456366","319791092344380087031542596190005711841","236181823625831979533593714370239516746","323611132058094499718937617691414348866","81159629577926444449043232782702484675","279675769329626192583100833132277454893","340168000552593114678315444410239016544","113334341574853545472333378085102694595","117154095003035199201049243164294454079","167892399770306782513724771096901386370","126743597959871658982247599010344181523","248171407908208369010609983352983062338","172953441490949274913567314543701753999","308629593316627906199208503610232168730","122684635699485832698967289565752578596","56805441029399141595933279327415758747","236062607395241103309639091709637807769","41911509262685000058609037927424188467","258743697711810721188101579962548302934","310439047633909144813053540216446384617","263284034739401755304947987564800236037","69931212808607448803531976690202200883","159556733443648651777686498302515150279","90501127774193579057111049370308139263","219805546601402629942328490516022489295","296325593552383293327124738726107903046","185473631073050484188673037394052463997","227630491840200224225452306515879373687","13101529609456087772061211944953593731","179597753108268786536772706952068227761","337292538108660914171845829977241476067","50263169224006444012195800335519632270","68206322126359521449588736313859181760","119899699267688717964441449453312405634","238640467854102309115013416957739517978","172953441490949274913567314543701753999","308629593316627906199208503610232168730","122684635699485832698967289565752578596","56805441029399141595933279327415758747","207733675205603154851065465904418453724","287541147080965347363400983322204962461","165709385601119425581269462911437445468","94230026174649219753708832309813113966","275364588437779057751547890834654885417","128089194807695572193436054687926546239","130016030095310468751148087440882521442","111529647740625874778412231023084165236","95104020226363816307381025407163441521","11677221610751472877848758368607668313","96761700619096618848155424877440766761","189116575807094363591366435158005966733","328972065659609515449903681800767817530","124001646450130646597883712396639582804","220092803313931249191728724405364258294","313884598129295821318254834020405786783","171477217269564886420280415011240621420","304609134152064559331896799232461505428","44334415639866182448904069555787731304","13101529609456087772061211944953593731","128089194807695572193436054687926546239","130016030095310468751148087440882521442","111529647740625874778412231023084165236","15665211555862239654564032919617031251","121654835249428495105171595832884077131","275953889368401565801347847412798495698","73262870118538731218372341833784479610","126743597959871658982247599010344181523","248171407908208369010609983352983062338","172953441490949274913567314543701753999","140857833163224061964480958720255016138","194562109019678823586281164387647915884","240061888695720363480990928901474093441","15050384229347330882190595505260432698","41911509262685000058609037927424188467","183505341681162840887043258266762722676","56841954995059136350083634130817672323","167962845478524219971443179600387861875","218754870157066123971141027565514623947","313884598129295821318254834020405786783","171477217269564886420280415011240621420","301817577172208892801417505418775749914","318277816377760811693794761983749823048","130061015004572872382407782439019462708","42772226266753665223320679633572016802","280361349094179746363783213432919879107","231534633000550152706549543198681465250","126743597959871658982247599010344181523","248171407908208369010609983352983062338","172953441490949274913567314543701753999","140857833163224061964480958720255016138","194562109019678823586281164387647915884","240061888695720363480990928901474093441","15050384229347330882190595505260432698","41911509262685000058609037927424188467","110759802393442781113245592673950237705","123058376811462034367472942468248726987","220816912679677442317878847876078272311","315506868766480092556933606801775353766","287541147080965347363400983322204962461","165709385601119425581269462911437445468","94230026174649219753708832309813113966","258702328502958531430404831104204330819","231534633000550152706549543198681465250","126743597959871658982247599010344181523","248171407908208369010609983352983062338","172953441490949274913567314543701753999","140857833163224061964480958720255016138","194562109019678823586281164387647915884","240061888695720363480990928901474093441","15050384229347330882190595505260432698","41911509262685000058609037927424188467","110759802393442781113245592673950237705","193757125760454097576730339236017154027","38153323729235186869274654555656774644","62777079112811381515586445868929292083","181682494023817716880860490886845682783"]},"target":{"file":"managed/src/test/java/com/yugabyte/yw/controllers/UsersControllerTest.java"},"signature_type":"Line","id":"CVE-2024-6895-bcb0109a"},{"deprecated":false,"source":"https://github.com/yugabyte/yugabyte-db/commit/9687371d8777f876285b737a9d01995bc46bafa5","signature_version":"v1","digest":{"function_hash":"264877559524461301017044237346310753764","length":4620},"target":{"file":"managed/src/main/java/com/yugabyte/yw/rbac/handlers/AuthorizationHandler.java","function":"call"},"signature_type":"Function","id":"CVE-2024-6895-be97ae09"},{"deprecated":false,"source":"https://github.com/yugabyte/yugabyte-db/commit/9687371d8777f876285b737a9d01995bc46bafa5","signature_version":"v1","digest":{"function_hash":"190714551927322160221311875844651955745","length":948},"target":{"file":"managed/src/main/java/com/yugabyte/yw/controllers/UsersController.java","function":"changePassword"},"signature_type":"Function","id":"CVE-2024-6895-c9355a19"},{"deprecated":false,"source":"https://github.com/yugabyte/yugabyte-db/commit/9687371d8777f876285b737a9d01995bc46bafa5","signature_version":"v1","digest":{"function_hash":"1593727489807992895213882843181890172","length":1035},"target":{"file":"managed/src/test/java/com/yugabyte/yw/controllers/UsersControllerTest.java","function":"testUpdateUserProfileReadOnlyUserPasswordChange"},"signature_type":"Function","id":"CVE-2024-6895-cb80e9b1"},{"deprecated":false,"source":"https://github.com/yugabyte/yugabyte-db/commit/9687371d8777f876285b737a9d01995bc46bafa5","signature_version":"v1","digest":{"threshold":0.9,"line_hashes":["148019195298962974478109671488255960508","310788564351638500113741915580266158527","66489017476295525245883889434541144272","336010409380679558390623948530932094942"]},"target":{"file":"managed/src/main/java/com/yugabyte/yw/rbac/enums/SourceType.java"},"signature_type":"Line","id":"CVE-2024-6895-d33b4da1"},{"deprecated":false,"source":"https://github.com/yugabyte/yugabyte-db/commit/9687371d8777f876285b737a9d01995bc46bafa5","signature_version":"v1","digest":{"function_hash":"256100060117917028273018669911643959720","length":1054},"target":{"file":"managed/src/test/java/com/yugabyte/yw/controllers/UsersControllerTest.java","function":"testUpdateUserProfileInvalid"},"signature_type":"Function","id":"CVE-2024-6895-e1abc335"},{"deprecated":false,"source":"https://github.com/yugabyte/yugabyte-db/commit/9687371d8777f876285b737a9d01995bc46bafa5","signature_version":"v1","digest":{"function_hash":"195956668031822345634895062922387307734","length":2700},"target":{"file":"managed/src/main/java/com/yugabyte/yw/controllers/UsersController.java","function":"updateProfile"},"signature_type":"Function","id":"CVE-2024-6895-e7d27280"},{"deprecated":false,"source":"https://github.com/yugabyte/yugabyte-db/commit/9687371d8777f876285b737a9d01995bc46bafa5","signature_version":"v1","digest":{"function_hash":"167511153861672024083424184284089076388","length":932},"target":{"file":"managed/src/test/java/com/yugabyte/yw/controllers/UsersControllerTest.java","function":"testPasswordChangeValid"},"signature_type":"Function","id":"CVE-2024-6895-efc9018f"}],"vanir_signatures_modified":"2026-04-12T16:55:27Z"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V4","score":"CVSS:4.0/AV:A/AC:H/AT:N/PR:H/UI:P/VC:H/VI:L/VA:L/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X"}]}