CVE-2024-6300

Summary

Incomplete cleanup when performing redactions in Conduit, allowing an attacker to check whether certain strings were present in the PDU before redaction

Affected Software

VendorProductVersion RangeStatus
The Conduit ContributorsConduit0 < 0.8.0affected

Weaknesses

  • CWE-459: CWE-459: Incomplete Cleanup

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

CVE Program Container

Additional References

References