Which versions of Docker are affected by CVE-2024-56323?

Organizations using OpenFGA should be aware of moderate risk from CVE-2024-56323 rated CVSS 5.8. Exploitation could compromise the security of affected deployments.. A patch is available.

How to fix or mitigate CVE-2024-56323?

Within 30 days: Identify affected systems running OpenFGA and apply vendor patches as part of regular patch cycle. Vendor patch is available.

Docker CVE-2024-56323

Q: What is the CVSS score of CVE-2024-56323?

CVE-2024-56323 has a CVSS 4.0 base score of 5.8 (Medium). CVSS vector: CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X. EPSS exploitation probability: 0.1%.

MEDIUM

Improper Authorization (CWE-285)

2025-01-13 security-advisories@github.com

Authentication Bypass Docker Helm Charts Openfga Suse

5.8

CVSS 4.0

CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Attack Vector

Network

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Lifecycle Timeline

Analysis Generated

Mar 28, 2026 - 18:03 vuln.today

Patch released

Mar 28, 2026 - 18:03 nvd

Patch available

CVE Published

Jan 13, 2025 - 22:15 nvd

MEDIUM 5.8

DescriptionNVD

OpenFGA is an authorization/permission engine. IN OpenFGA v1.3.8 to v1.8.2 (Helm chart openfga-0.1.38 to openfga-0.2.19, docker v1.3.8 to v.1.8.2) are vulnerable to authorization bypass under the following conditions: 1. calling Check API or ListObjects with a model that uses conditions, and 2. calling Check API or ListObjects API with contextual tuples that include conditions and 3. OpenFGA is configured with caching enabled (OPENFGA_CHECK_QUERY_CACHE_ENABLED). Users are advised to upgrade to v1.8.3. There are no known workarounds for this vulnerability.

AnalysisAI

OpenFGA is an authorization/permission engine. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable, low attack complexity.

Technical ContextAI

This vulnerability is classified under CWE-285. OpenFGA is an authorization/permission engine. IN OpenFGA v1.3.8 to v1.8.2 (Helm chart openfga-0.1.38 to openfga-0.2.19, docker v1.3.8 to v.1.8.2) are vulnerable to authorization bypass under the following conditions: 1. calling Check API or ListObjects with a model that uses conditions, and 2. calling Check API or ListObjects API with contextual tuples that include conditions and 3. OpenFGA is configured with caching enabled (OPENFGA_CHECK_QUERY_CACHE_ENABLED). Users are advised to upgrade to v1.8.3. There are no known workarounds for this vulnerability. Affected products include: Openfga Helm Charts, Openfga.

RemediationAI

A vendor patch is available. Apply the latest security update as soon as possible. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.

More from same product – last 7 days

CVE-2026-9256 HIGH This Week

8.1 May 22

Heap buffer overflow in NGINX Plus and NGINX Open Source ngx_http_rewrite_module allows unauthenticated remote attackers

Vendor StatusVendor

CVE-2024-56323 vulnerability details – vuln.today

Back

Docker CVE-2024-56323

CVSS VectorNVD

Lifecycle Timeline

DescriptionNVD

AnalysisAI

Technical ContextAI

RemediationAI

More from same product – last 7 days

Vendor StatusVendor

Share

Docker CVE-2024-56323

CVSS VectorNVD

Lifecycle Timeline

DescriptionNVD

AnalysisAI

Technical ContextAI

RemediationAI

More from same product – last 7 days

Vendor StatusVendor

Share

External POC / Exploit Code