cvelist / Sonatype / CVELIST:CVE-2024-6060
History: Jun 25, 2024 - 9:36 p.m.

CVE-2024-6060

2024-06-25 21:36:33
CWE-532
Sonatype
www.cve.org
vulnerability
phloc webscopes
log files
http requests
sensitive information

CVSS4: 9.3 High
Attack Vector: LOCAL
Attack Complexity: LOW
Privileges Required: NONE
User Interaction: PASSIVE
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/SC:H/VI:H/SI:H/VA:L/SA:L/AU:N/U:Red/R:U/V:C/RE:M

EPSS: 0.0004 Low
Percentile: 9.1%

An information disclosure vulnerability in Phloc Webscopes 7.0.0 allows local attackers with access to the log files to view logged HTTP requests that contain user passwords or other sensitive information.

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "packageName": "phloc-webscopes",
    "product": "Webscopes",
    "repo": "https://github.com/phlocbg/phloc-webbasics",
    "vendor": "Phloc",
    "versions": [
      {
        "status": "affected",
        "version": "7.0.0",
        "versionType": "semver"
      },
      {
        "status": "affected",
        "version": "pkg:maven/com.phloc/[email protected]",
        "versionType": "purl"
      }
    ]
  }
]
