CVE-2024-55963

Medium CVSS: 6.5

An issue was discovered in Appsmith before 1.51. A user on Appsmith that doesn't have admin permissions can trigger the restart API on Appsmith, causing a server restart. This is still within the Appsmith container, and the impact is limited to Appsmith's own server only, but there is a denial of service because it can be continually restarted. This is due to incorrect access control checks, which should check for super user permissions on the incoming request.

Vendor

Appsmith

Product

Appsmith

CWE

CWE-284

Yayın Tarihi

2025-03-26 20:15:21

Güncelleme

2025-04-01 16:34:41

Source Identifier

cve@mitre.org

KEV Date Added

Kategoriler

CWE-284 Appsmith MEDIUM Appsmith 2025

Referanslar

https://github.com/appsmithorg/appsmith/security/advisories/GHSA-6mc8-hw5c-7qqr

Benzer Kayıtlar

Medium

CVE-2026-34411

Appsmith versions prior to 1.98 expose sensitive instance management API endpoints without authentication. Unauthenticat…

Critical

CVE-2026-30862

Appsmith is a platform to build admin panels, internal tools, and dashboards. Prior to 1.96, a Critical Stored XSS vulne…

Critical

CVE-2026-24042

Appsmith is a platform to build admin panels, internal tools, and dashboards. In versions 1.94 and below, publicly acces…

Critical

CVE-2026-22794

Appsmith is a platform to build admin panels, internal tools, and dashboards. Prior to 1.93, the server uses the Origin…

Medium

CVE-2024-55965

An issue was discovered in Appsmith before 1.51. Users invited as "App Viewer" incorrectly have access to development in…

Critical

CVE-2024-55964

An issue was discovered in Appsmith before 1.52. An incorrectly configured PostgreSQL instance in the Appsmith image lea…