CVE-2024-57439

medium

Description

An issue in the reset password interface of ruoyi v4.8.0 allows attackers with Admin privileges to cause a Denial of Service (DoS) by duplicating the login name of the account.

References

https://ruoyi.vip/

https://github.com/yangzongzhuan/RuoYi

https://github.com/peccc/restful_vul/blob/main/ruoyi_dos/ruoyi_dos.md

https://gitee.com/y_project/RuoYi

Details

Source: Mitre, NVD

Published: 2025-01-29

Updated: 2025-05-14

Risk Information

CVSS v2

Base Score: 6.1

Vector: CVSS2#AV:N/AC:L/Au:M/C:N/I:N/A:C

Severity: Medium

CVSS v3

Base Score: 4.9

Vector: CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H