Lucene search
K

5 matches found

NVD
NVD
added 2024/12/12 8:15 a.m.16 views

CVE-2024-12564

Exposure of Sensitive Information to an Unauthorized Actor vulnerability was discovered in Open Design Alliance CDE inWEB SDK before 2025.3. Installing CDE Server with default settings allows unauthorized users to visit prometheus metrics page. This can allow attackers to understand more things...

6.9CVSS0.00647EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/12/12 7:41 a.m.7 views

CVE-2024-12564 Exposure of Sensitive Information to an Unauthorized Actor vulnerability in ODA CDE inWEB SDK before 2025.3

Exposure of Sensitive Information to an Unauthorized Actor vulnerability was discovered in Open Design Alliance CDE inWEB SDK before 2025.3. Installing CDE Server with default settings allows unauthorized users to visit prometheus metrics page. This can allow attackers to understand more things...

6.9CVSS6.7AI score0.00647EPSS
Exploits0References1
CVE
CVE
added 2024/12/12 7:41 a.m.54 views

CVE-2024-12564

CVE-2024-12564 affects Open Design Alliance CDE inWEB SDK prior to 2025.3. The vulnerability arises from default CDE Server settings that allow unauthorized users to access the Prometheus metrics page, exposing information about the target application. Impact is described as exposure of sensitive...

6.9CVSS6.4AI score0.00647EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/12/12 7:41 a.m.28 views

CVE-2024-12564 Exposure of Sensitive Information to an Unauthorized Actor vulnerability in ODA CDE inWEB SDK before 2025.3

Exposure of Sensitive Information to an Unauthorized Actor vulnerability was discovered in Open Design Alliance CDE inWEB SDK before 2025.3. Installing CDE Server with default settings allows unauthorized users to visit prometheus metrics page. This can allow attackers to understand more things...

6.9CVSS0.00647EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/12/12 12:0 a.m.6 views

Open Design Alliance CDE inWEB SDK 安全漏洞

Open Design Alliance CDE inWEB SDK is an application organized by the Open Design Alliance ODA. Web application for editing, creating and viewing DWGs. A security vulnerability exists in versions of the Open Design Alliance CDE inWEB SDK prior to 2025.3, which arises from the installation of CDE...

6.9CVSS6.5AI score0.00647EPSS
Exploits0References1
Rows per page
Query Builder