5 matches found
CVE-2024-12564
Exposure of Sensitive Information to an Unauthorized Actor vulnerability was discovered in Open Design Alliance CDE inWEB SDK before 2025.3. Installing CDE Server with default settings allows unauthorized users to visit prometheus metrics page. This can allow attackers to understand more things...
CVE-2024-12564 Exposure of Sensitive Information to an Unauthorized Actor vulnerability in ODA CDE inWEB SDK before 2025.3
Exposure of Sensitive Information to an Unauthorized Actor vulnerability was discovered in Open Design Alliance CDE inWEB SDK before 2025.3. Installing CDE Server with default settings allows unauthorized users to visit prometheus metrics page. This can allow attackers to understand more things...
CVE-2024-12564
CVE-2024-12564 affects Open Design Alliance CDE inWEB SDK prior to 2025.3. The vulnerability arises from default CDE Server settings that allow unauthorized users to access the Prometheus metrics page, exposing information about the target application. Impact is described as exposure of sensitive...
CVE-2024-12564 Exposure of Sensitive Information to an Unauthorized Actor vulnerability in ODA CDE inWEB SDK before 2025.3
Exposure of Sensitive Information to an Unauthorized Actor vulnerability was discovered in Open Design Alliance CDE inWEB SDK before 2025.3. Installing CDE Server with default settings allows unauthorized users to visit prometheus metrics page. This can allow attackers to understand more things...
Open Design Alliance CDE inWEB SDK 安全漏洞
Open Design Alliance CDE inWEB SDK is an application organized by the Open Design Alliance ODA. Web application for editing, creating and viewing DWGs. A security vulnerability exists in versions of the Open Design Alliance CDE inWEB SDK prior to 2025.3, which arises from the installation of CDE...