4 matches found
CVE-2024-9802
The conformance validation endpoint is public so everybody can verify the conformance of onboarded services. The response could contain specific information about the service, including available endpoints, and swagger. It could advise about the running version of a service to an attacker. The...
CVE-2024-9802 Conformance validation endpoint discloses detail about service to unauthenticated users
The conformance validation endpoint is public so everybody can verify the conformance of onboarded services. The response could contain specific information about the service, including available endpoints, and swagger. It could advise about the running version of a service to an attacker. The...
CVE-2024-9802
The CVE-2024-9802 entry concerns the Zowe API Mediation Layerβs conformance validation endpoint, which is publicly accessible. Public responses may reveal service details (endpoints, swagger) and potentially indicate the running version and whether a service is active. This information exposure i...
CVE-2024-9802 Conformance validation endpoint discloses detail about service to unauthenticated users
The conformance validation endpoint is public so everybody can verify the conformance of onboarded services. The response could contain specific information about the service, including available endpoints, and swagger. It could advise about the running version of a service to an attacker. The...