{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-12T02:25:34.002","vulnerabilities":[{"cve":{"id":"CVE-2024-26578","sourceIdentifier":"security@apache.org","published":"2024-02-22T10:15:08.503","lastModified":"2025-03-20T20:15:31.513","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') vulnerability in Apache Answer.This issue affects Apache Answer: through 1.2.1.\n\nRepeated submission during registration resulted in the registration of the same user. When users register, if they rapidly submit multiple registrations using scripts, it can result in the creation of multiple user accounts simultaneously with the same name.\nUsers are recommended to upgrade to version [1.2.5], which fixes the issue."},{"lang":"es","value":"Ejecución simultánea mediante recurso compartido con vulnerabilidad de sincronización incorrecta ('Condición de Ejecución') en Apache Answer. Este problema afecta a Apache Answer: hasta 1.2.1. El envío repetido durante el registro resultó en el registro del mismo usuario. Cuando los usuarios se registran, si envían rápidamente varios registros utilizando scripts, puede resultar en la creación de varias cuentas de usuario simultáneamente con el mismo nombre. Se recomienda a los usuarios actualizar a la versión [1.2.5], que soluciona el problema."}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N","baseScore":5.9,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":2.2,"impactScore":3.6},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N","baseScore":5.9,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":2.2,"impactScore":3.6}]},"weaknesses":[{"source":"security@apache.org","type":"Secondary","description":[{"lang":"en","value":"CWE-362"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-362"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:apache:answer:*:*:*:*:*:*:*:*","versionEndIncluding":"1.2.1","matchCriteriaId":"F977E6DB-B10B-4AC2-BD22-EA5F228989A9"}]}]}],"references":[{"url":"http://www.openwall.com/lists/oss-security/2024/02/22/3","source":"security@apache.org","tags":["Mailing List","Third Party Advisory"]},{"url":"https://lists.apache.org/thread/ko0ksnznt2484lxt0zts2ygr82ldkhcb","source":"security@apache.org","tags":["Mailing List","Vendor Advisory"]},{"url":"http://www.openwall.com/lists/oss-security/2024/02/22/3","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Third Party Advisory"]},{"url":"https://lists.apache.org/thread/ko0ksnznt2484lxt0zts2ygr82ldkhcb","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Vendor Advisory"]}]}}]}