Lucene search
Veracode Vulnerability DatabaseVERACODE:47755HistoryJun 26, 2024 - 7:13 a.m.
Information Disclosure
2024-06-2607:13:11
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
3
aimeos/ai-client-html
vulnerability
sensitive information exposure
environment variables
error logs
confidential data
CVSS3
8.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
AI Score
6.2
Confidence
Low
aimeos/ai-client-html is vulnerable to Sensitive Information Exposure. The vulnerability is due to debug information revealing sensitive information from environment variables in error logs, allowing attackers to potentially access confidential data.
Related
cve
cve
CVE-2024-38516
2024-06-25 21:15:59
gitlab
gitlab
Aimeos HTML client may potentially reveal sensitive information in error log
2024-06-25 00:00:00
github
github
Aimeos HTML client may potentially reveal sensitive information in error log
2024-06-25 17:26:56
nvd
nvd
CVE-2024-38516
2024-06-25 21:15:59
osv
osv
Aimeos HTML client may potentially reveal sensitive information in error log
2024-06-25 17:26:56
CVE-2024-38516
2024-06-25 21:15:59
cvelist
cvelist
vulnrichment
vulnrichment
CVSS3
8.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
AI Score
6.2
Confidence
Low
Related for VERACODE:47755