CVE-2024-52311 Information
Nov 10, 2024
cve
Description
Authentication tokens issued via Cognito in data.all are not invalidated on log out allowing for previously authenticated user to continue execution of authorized API Requests until token is expired.
Reference
https://aws.amazon.com/security/security-bulletins/AWS-2024-013 https://github.com/data-dot-all/dataall/security/advisories/GHSA-p69m-h9rw-584v
Share on: