VDB

CVE-2024-52311

CVE-2024-52311 PUBLISHED CVSS 5.300000190734863 MEDIUM

Authentication tokens issued via Cognito in data.all are not invalidated on log out, allowing for previously authenticated user to continue execution of authorized API Requests until token is expired.

EPSS 0.31% · 54.8th percentile

Risk Scores

CVSS 4.0
5.300000190734863
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
EPSS Score
0.31%
54.8th percentile

Affected Products

VendorProductVersions
amazondata.all1.0.0, 1.0.0

Timeline

  • Nov 9, 2024 EPSS Score
  • Nov 9, 2024 Coalition ESS Score
  • Nov 9, 2024 Coalition ESS Score
  • Nov 9, 2024 CVE Published
  • Nov 12, 2024 Coalition ESS Score
  • Nov 27, 2024 EPSS Score
  • Dec 16, 2024 EPSS Score
  • Jan 2, 2025 EPSS Score
  • Jan 20, 2025 EPSS Score
  • Feb 7, 2025 EPSS Score
  • Feb 25, 2025 EPSS Score
  • Mar 15, 2025 EPSS Score
Open in Interactive Console →
$ Console Community · 100/wk Open console ›