Security Advisory

CVE-2024-55963

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-03-26 00:00:00
Last updated 2025-03-27 13:36:32
Assigner mitre
State PUBLISHED

Description

An issue was discovered in Appsmith before 1.51. A user on Appsmith that doesnt have admin permissions can trigger the restart API on Appsmith, causing a server restart. This is still within the Appsmith container, and the impact is limited to Appsmiths own server only, but there is a denial of service because it can be continually restarted. This is due to incorrect access control checks, which should check for super user permissions on the incoming request.