Integrate Google Drive
CVE-2024-35670
CRITICAL
Severity by source
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Lifecycle Timeline
1DescriptionNVD
Broken Authentication vulnerability in SoftLab Integrate Google Drive.This issue affects Integrate Google Drive: from n/a through 1.3.93.
AnalysisAI
Broken Authentication vulnerability in SoftLab Integrate Google Drive.3.93. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Technical ContextAI
This vulnerability is classified as Improper Authentication (CWE-287), which allows attackers to bypass authentication mechanisms to gain unauthorized access. Broken Authentication vulnerability in SoftLab Integrate Google Drive.3.93. Affected products include: Softlabbd Integrate Google Drive. Version information: through 1.3.93..
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Implement multi-factor authentication, enforce strong password policies, use proven authentication frameworks.
More in Integrate Google Drive
View allMissing Authorization vulnerability in Prince Integrate Google Drive allows Exploiting Incorrectly Configured Access Con
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in SoftLab Integrate Google Drive - Browse, Upload, Do
Cross-Site Request Forgery (CSRF) vulnerability in SoftLab Integrate Google Drive.3.4. Rated medium severity (CVSS 4.3),
Same weakness CWE-287 – Improper Authentication
View allSame technique Authentication Bypass
View allShare
External POC / Exploit Code
Leaving vuln.today