CVE-2024-6060

Summary

An information disclosure vulnerability in Phloc Webscopes 7.0.0 allows local attackers with access to the log files to view logged HTTP requests that contain user passwords or other sensitive information.

Affected Software

VendorProductVersion RangeStatus
PhlocWebscopes7.0.0affected
PhlocWebscopespkg:maven/com.phloc/phloc-webscopes@7.0.0affected

Weaknesses

  • CWE-532: CWE-532 Insertion of Sensitive Information into Log File

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

CVE Program Container

Additional References

References