Severity by source
CVSS vector (NVD, primary rating and the only source for this CVE): CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
Description (CVE.org)
A vulnerability in the web application allows unauthorized users to access and manipulate sensitive data across different tenants by exploiting insecure direct object references. This could lead to unauthorized access to sensitive information and unauthorized changes to the tenant's configuration.
Analysis (AI-generated)
Insecure direct object references in Augmentt 1.0 allow unauthenticated remote attackers to access and modify sensitive tenant data across different organizational contexts, bypassing authentication mechanisms through direct manipulation of object identifiers. The vulnerability enables both unauthorized information disclosure and modification of tenant configuration with CVSS 6.5 (medium severity); no public exploit code has been identified at the time of analysis, though the attack is automatable and requires no user interaction.
Vulnerability Assessment (AI-generated)
| Aspect | Assessment |
| --- | --- |
| Exploitation | The vulnerability requires that the Augmentt application exposes tenant or resource identifiers directly in API endpoints or URL parameters without validating that the requester is authorized to access that specific tenant. … Additional conditions and limiting factors are described in the full assessment. |
| Risk Assessment | The CVSS vector (AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N) indicates network-accessible exploitation requiring no privileges, no user interaction, and low attack complexity, creating a baseline medium-severity risk (score 6.5). … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in. |
| Exploit Scenario | An attacker identifies that Augmentt exposes tenant identifiers in API URLs (e.g., https://app.augmentt.com/api/tenant/1/config). By sending requests with sequentially incremented tenant IDs (tenant/1, tenant/2, tenant/3) without authentication credentials or with stolen credentials from a single tenant, the attacker retrieves configuration data and sensitive information belonging to other organizations and modifies tenant settings such as user permissions or data retention policies. … |
| Remediation | No vendor-released patch has been identified at time of analysis. … Detailed patch versions, workarounds, and compensating controls in full report. |
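The authorization defect the assessment describes (a tenant identifier taken from the URL selects the object, with no check that the caller belongs to that tenant) is the general insecure-direct-object-reference pattern. The following is an added illustration, not Augmentt's code and not taken from this page: a vulnerable read and write handler next to a hardened pair that resolves the session server-side and refuses any request whose addressed tenant differs from the tenant the session was issued for. The in-memory config store, session table, token values, role names and handler names are all constructed assumptions.

```python
"""
Tenant-config endpoint as a vulnerable IDOR pattern next to its hardened form.

Constructed example: the store, session shape, tokens and route names are
assumptions for illustration, not Augmentt's implementation.
"""
from dataclasses import dataclass, field
from typing import Optional


class Forbidden(Exception):
    """Raised when a request may not touch the addressed object."""


class Unauthenticated(Exception):
    """Raised when a request carries no valid session."""


@dataclass
class Session:
    user_id: str
    tenant_id: int          # the tenant this session was issued for
    role: str = "member"


@dataclass
class TenantConfig:
    retention_days: int
    admins: list = field(default_factory=list)


# Constructed multi-tenant store: two unrelated organisations.
CONFIGS = {
    1: TenantConfig(retention_days=30, admins=["alice@tenant1.example"]),
    2: TenantConfig(retention_days=365, admins=["bob@tenant2.example"]),
}

# Constructed session table keyed by bearer token (assumed shape).
SESSIONS = {
    "tok-alice": Session(user_id="alice", tenant_id=1, role="admin"),
}


def get_config_vulnerable(tenant_id: int, token: Optional[str] = None) -> TenantConfig:
    """Vulnerable pattern: the path parameter alone selects the object.
    Neither the session nor its tenant binding is consulted, so any caller,
    with or without a token, reads any tenant's configuration."""
    return CONFIGS[tenant_id]


def update_retention_vulnerable(tenant_id: int, days: int, token: Optional[str] = None) -> TenantConfig:
    """Same defect on the write path: cross-tenant modification."""
    CONFIGS[tenant_id].retention_days = days
    return CONFIGS[tenant_id]


def _authorize(tenant_id: int, token: Optional[str], write: bool) -> Session:
    """Hardened pattern: resolve the session server-side, then require that
    the addressed tenant equals the tenant the session was issued for.
    The client-supplied identifier is never trusted on its own."""
    session = SESSIONS.get(token or "")
    if session is None:
        raise Unauthenticated("no valid session")
    if session.tenant_id != tenant_id:
        # Deny before any lookup, so the response does not reveal whether
        # the other tenant exists.
        raise Forbidden("object not accessible from this tenant")
    if write and session.role != "admin":
        raise Forbidden("write requires tenant admin role")
    return session


def get_config_hardened(tenant_id: int, token: Optional[str] = None) -> TenantConfig:
    _authorize(tenant_id, token, write=False)
    return CONFIGS[tenant_id]


def update_retention_hardened(tenant_id: int, days: int, token: Optional[str] = None) -> TenantConfig:
    _authorize(tenant_id, token, write=True)
    CONFIGS[tenant_id].retention_days = days
    return CONFIGS[tenant_id]


def probe(handler, tenant_id: int, token: Optional[str]) -> str:
    """Summarise a read request's outcome as a short status string."""
    try:
        cfg = handler(tenant_id, token)
        return f"ok retention={cfg.retention_days}"
    except Unauthenticated:
        return "401"
    except Forbidden:
        return "403"


if __name__ == "__main__":
    # The vulnerable handler serves tenant 2's config to an anonymous caller;
    # the hardened one answers 401, refuses a cross-tenant read with 403, and
    # still serves the caller's own tenant.
    print("vulnerable, no token, tenant 2:", probe(get_config_vulnerable, 2, None))
    print("hardened,   no token, tenant 2:", probe(get_config_hardened, 2, None))
    print("hardened,   alice,    tenant 2:", probe(get_config_hardened, 2, "tok-alice"))
    print("hardened,   alice,    tenant 1:", probe(get_config_hardened, 1, "tok-alice"))
```

The design point is that the tenant scope comes from the session, not from the request: a reviewer checking a multi-tenant API for this class looks for every handler that dereferences a client-supplied tenant or object id and confirms it passes through an `_authorize`-style check that compares against the session's binding before any data is read or written. Returning the same 403 for a foreign tenant and a non-existent one also avoids turning the endpoint into a tenant-enumeration oracle.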
EUVD identifier: EUVD-2026-24748