What is CVE-2024-56802?

CVE-2024-56802 is a publicly disclosed cybersecurity vulnerability with a HIGH severity rating and CVSS score of 8.7.

How to search for CVE vulnerabilities?

You can search the 4nuxd CVE database using CVE IDs, vendor names, product names, or severity levels.

CVE-2024-56802

HIGH8.7/ 10.0

Published: December 31, 2024 at 04:15 PM

Modified: April 15, 2026 at 12:35 AM

Source: security-advisories@github.com

Vulnerability Description

Tapir is a private Terraform registry. Tapir versions 0.9.0 and 0.9.1 are facing a critical issue with scope-able Deploykeys where attackers can guess the key to get write access to the registry. User must upgrade to 0.9.2.

CVSS Metrics

Base Score

8.7

Severity

HIGH

Vector String

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X