CVE-2024-1033

Summary

A vulnerability, which was classified as problematic, has been found in openBI up to 1.0.8. Affected by this issue is the function agent of the file /application/index/controller/Datament.php. The manipulation of the argument api leads to information disclosure. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-252308.

Affected Software

VendorProductVersion RangeStatus
n/aopenBI1.0.0affected
n/aopenBI1.0.1affected
n/aopenBI1.0.2affected
n/aopenBI1.0.3affected
n/aopenBI1.0.4affected
n/aopenBI1.0.5affected
n/aopenBI1.0.6affected
n/aopenBI1.0.7affected
n/aopenBI1.0.8affected

Weaknesses

  • CWE-200: CWE-200 Information Disclosure

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References