Lucene search

CVE-2024-41109 Pimcore vulnerable to disclosure of system and database information behind /admin firewall

🗓️ 30 Jul 2024 14:14:43Reported by GitHub_MType

Pimcore CVE-2024-41109 database disclosure fix in versions 1.5.2, 1.4.6, 1.3.1

AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 7
NVD	CVE-2024-41109	30 Jul 202415:15	–	nvd
Vulnrichment	CVE-2024-41109 Pimcore vulnerable to disclosure of system and database information behind /admin firewall	30 Jul 202414:43	–	vulnrichment
Github Security Blog	Pimcore vulnerable to disclosure of system and database information behind /admin firewall	30 Jul 202414:52	–	github
CVE	CVE-2024-41109	30 Jul 202415:15	–	cve
Veracode	Information Exposure	31 Jul 202408:05	–	veracode
OSV	CVE-2024-41109	30 Jul 202415:15	–	osv
OSV	GHSA-FX6J-9PP6-PH36 Pimcore vulnerable to disclosure of system and database information behind /admin firewall	30 Jul 202414:52	–	osv

[
  {
    "vendor": "pimcore",
    "product": "admin-ui-classic-bundle",
    "versions": [
      {
        "version": "< 1.5.2",
        "status": "affected"
      }
    ]
  }
]

Source	Link
github	www.github.com/pimcore/admin-ui-classic-bundle/commit/afa10bff2f8bfe9c8af7b6b75885bc403f6984f0
github	www.github.com/pimcore/admin-ui-classic-bundle/blob/1.x/src/Controller/Admin/IndexController.php
github	www.github.com/pimcore/admin-ui-classic-bundle/releases/tag/v1.5.2
github	www.github.com/pimcore/admin-ui-classic-bundle/security/advisories/GHSA-fx6j-9pp6-ph36

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

30 Jul 2024 14:43Current

CVSS36.3

EPSS0.00005

CWE-200

pimcore vulnerability disclosure