{
  "id": "CVE-2024-57438",
  "sourceIdentifier": "cve@mitre.org",
  "published": "2025-01-29T15:15:17.283",
  "lastModified": "2025-01-29T15:15:17.283",
  "vulnStatus": "Received",
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Insecure permissions in RuoYi v4.8.0 allows authenticated attackers to escalate privileges by assigning themselves higher level roles."
    }
  ],
  "metrics": {},
  "references": [
    {
      "url": "https://gitee.com/y_project/RuoYi",
      "source": "cve@mitre.org"
    },
    {
      "url": "https://github.com/peccc/restful_vul/blob/main/ruoyi_insecure_role_assignments/ruoyi_insecure_role_assignments.md",
      "source": "cve@mitre.org"
    },
    {
      "url": "https://github.com/yangzongzhuan/RuoYi",
      "source": "cve@mitre.org"
    },
    {
      "url": "https://ruoyi.vip/",
      "source": "cve@mitre.org"
    }
  ]
}