ZenML < 0.57.0 Password Reset Brute Force (CVE-2024-4311)

medium Nessus Plugin ID 213484

Version 1.3

May 8, 2025, 3:37 PM

  • CVSS temporal metrics ("CVSSv2 temporal vector" set to "CVSS2#E:POC/RL:OF/RC:C")
  • CVSS temporal metrics ("CVSSv3 temporal vector" set to "CVSS:3.0/E:P/RL:O/RC:C")
  • Exploit attributes ("Exploit available" set to "True")
  • Exploit attributes ("Exploitability ease" changed from "No known exploits are available" to "Exploits are available")

Plugin Feed: 202505081537

Version 1.2

Jan 16, 2025, 9:44 AM

  • CVSS temporal metrics ("CVSSv2 temporal vector" set to "CVSS2#E:U/RL:OF/RC:C")
  • Exploit attributes ("Exploitability ease" set to "No known exploits are available")
  • Exploit attributes ("Exploit available" set to "False")
  • CVSS temporal metrics ("CVSSv3 temporal vector" set to "CVSS:3.0/E:U/RL:O/RC:C")

Plugin Feed: 202501160944

Version 1.1

Jan 3, 2025, 8:16 PM

  • New

Plugin Feed: 202501032016

* Changelogs are generally available for changes made after Nov 1, 2022