Lucene search
MicrosoftCVE-2024-30054HistoryMay 14, 2024 - 5:17 p.m.
CVE-2024-30054
2024-05-1417:17:22
CWE-20
microsoft
web.nvd.nist.gov
65
cve-2024-30054
nvd
information disclosure
power bi
javascript sdk
microsoft
CVSS3
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
AI Score
6.3
Confidence
Low
EPSS
0.001
Percentile
37.9%
Microsoft Power BI Client JavaScript SDK Information Disclosure Vulnerability
Affected configurations
Node
microsoftpowerbi-client_js_sdkRange2.0.0–2.23.1
| Vendor | Product | Version | CPE |
|---|---|---|---|
| microsoft | powerbi-client_js_sdk | * | cpe:2.3:a:microsoft:powerbi-client_js_sdk:*:*:*:*:*:*:*:* |
CNA Affected
[
{
"vendor": "Microsoft",
"product": "PowerBI-client JS SDK",
"cpes": [
"cpe:2.3:a:microsoft:powerbi-client_js_sdk:*:*:*:*:*:*:*:*"
],
"platforms": [
"Unknown"
],
"versions": [
{
"version": "2.0.0",
"lessThan": "2.23.1",
"versionType": "custom",
"status": "affected"
}
]
}
]Related
github
github
nvd
nvd
CVE-2024-30054
2024-05-14 17:17:22
veracode
veracode
Information Disclosure
2024-05-17 06:36:02
vulnrichment
vulnrichment
mscve
mscve
osv
osv
cvelist
cvelist
nessus
nessus
NuGet Package 'Microsoft.PowerBI.JavaScript' < 2.23.1 Information Disclosure
2024-05-15 00:00:00
rapid7blog
rapid7blog
Patch Tuesday - May 2024
2024-05-14 20:25:36
CVSS3
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
AI Score
6.3
Confidence
Low
EPSS
0.001
Percentile
37.9%
Related for CVE-2024-30054