Lucene search
HistoryJun 07, 2024 - 5:15 p.m.
CVE-2024-37163
skyscrape
dashboard
aws
api
vulnerabilities
temporary credentials
data
version 1.0.0
CVSS3
6.4
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:H
EPSS
0
Percentile
9.0%
SkyScrape is a GUI Dashboard for AWS Infrastructure and Managing Resources and Usage Costs. SkyScrapeβs API requests are currently unsecured HTTP requests, leading to potential vulnerabilities for the userβs temporary credentials and data. This affects version 1.0.0.
Related
vulnrichment
vulnrichment
CVE-2024-37163 SkyScrape Secure API Requests
2024-06-07 16:09:07
cve
cve
CVE-2024-37163
2024-06-07 17:15:51
cvelist
cvelist
CVE-2024-37163 SkyScrape Secure API Requests
2024-06-07 16:09:07
CVSS3
6.4
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:H
EPSS
0
Percentile
9.0%
Related for NVD:CVE-2024-37163