Lucene search
+L

6 matches found

NVD
NVD
added 6 hours ago5 views

CVE-2026-63098

TheHive through 4.1.24 contains an unauthenticated information disclosure vulnerability that allows unauthenticated attackers to retrieve sensitive configuration data by sending a GET request to the /api/status endpoint, which lacks authentication enforcement in the StatusCtrl.scala handler...

6.9CVSS
Exploits0References2
Cvelist
Cvelist
added 7 hours ago10 views

CVE-2026-63098 TheHive 4.1.24 Unauthenticated Information Disclosure via /api/status Endpoint

TheHive through 4.1.24 contains an unauthenticated information disclosure vulnerability that allows unauthenticated attackers to retrieve sensitive configuration data by sending a GET request to the /api/status endpoint, which lacks authentication enforcement in the StatusCtrl.scala handler...

6.9CVSS
Exploits0References2
CVE
CVE
added 7 hours ago8 views

CVE-2026-63098

The Hive 4.1.24 has an unauthenticated information-disclosure flaw exposed via GET /api/status (StatusCtrl.scala), enabling attackers without credentials to read sensitive configuration data. Affected items include the datastore attachment protection password, configured authentication providers,...

6.9CVSS5.4AI score
Exploits0References2
EUVD
EUVD
added 7 hours ago4 views

EUVD-2026-45196

TheHive through 4.1.24 contains an unauthenticated information disclosure vulnerability that allows unauthenticated attackers to retrieve sensitive configuration data by sending a GET request to the /api/status endpoint, which lacks authentication enforcement in the StatusCtrl.scala handler...

6.9CVSS5.4AI score
Exploits0References2
Positive Technologies
Positive Technologies
added 22 hours ago3 views

PT-2026-60791

TheHive through 4.1.24 contains an unauthenticated information disclosure vulnerability that allows unauthenticated attackers to retrieve sensitive configuration data by sending a GET request to the /api/status endpoint, which lacks authentication enforcement in the StatusCtrl.scala handler...

6.9CVSS5.3AI score
Exploits0References3
OSV
OSV
added 2018/10/15 4:29 p.m.7 views

CVE-2018-15593

An issue was discovered in Ivanti Workspace Control before 10.3.10.0 and RES One Workspace. A local authenticated user can decrypt the encrypted datastore or relay server password by leveraging an unspecified attack vector...

7.8CVSS5.8AI score0.01035EPSS
Exploits0References5
Rows per page
Query Builder