CVE-2024-6060
9.3
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:L/SC:H/SI:H/SA:L/AU:N/R:U/V:C/RE:M/U:Red
Summary
An information disclosure vulnerability in Phloc Webscopes 7.0.0 allows local attackers with access to the log files to view logged HTTP requests that contain user passwords or other sensitive information.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Phloc | Webscopes | 7.0.0 | affected |
| Phloc | Webscopes | pkg:maven/com.phloc/phloc-webscopes@7.0.0 | affected |
Weaknesses
- CWE-532: CWE-532 Insertion of Sensitive Information into Log File
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: total
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.