CVE-2024-22276

Summary

VMware Cloud Director Object Storage Extension contains an Insertion of Sensitive Information vulnerability.

A malicious actor with adjacent access to web/proxy server logging may be able to obtain sensitive information from URLs that are logged.

Affected Software

VendorProductVersion RangeStatus
N/AVMware Cloud Director Object Storage ExtensionVMware Cloud Director Object Storage Extension 3.0, VMware Cloud Director Object Storage Extension 2.xaffected

Weaknesses

  • Insertion of Sensitive Information into Log File

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

CVE Program Container

Additional References

References