CVE-2024-11625

Summary

Information Exposure Through an Error Message vulnerability in Progress Software Corporation Sitefinity.This issue affects Sitefinity: from 4.0 through 14.4.8142, from 15.0.8200 through 15.0.8229, from 15.1.8300 through 15.1.8327, from 15.2.8400 through 15.2.8421.

Affected Software

VendorProductVersion RangeStatus
Progress Software CorporationSitefinity4.0 <= 14.4.8142affected
Progress Software CorporationSitefinity15.0.8200 <= 15.0.8229affected
Progress Software CorporationSitefinity15.1.8300 <= 15.1.8327affected
Progress Software CorporationSitefinity15.2.8400 <= 15.2.8421affected

Weaknesses

  • CWE-209: CWE-209: Generation of Error Message Containing Sensitive Information

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References