Lucene search
Veracode Vulnerability DatabaseVERACODE:47899HistoryJul 04, 2024 - 7:10 a.m.
Insertion Of Sensitive Information Into Log File.
2024-07-0407:10:38
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
6
sensitive information
log file
vulnerability
phloc-webscopes
CVSS4
9.3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
PASSIVE
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/SC:H/VI:H/SI:H/VA:L/SA:L/AU:N/U:Red/R:U/V:C/RE:M
AI Score
6.4
Confidence
High
com.phloc:phloc-webscopes is vulnerable to Insertion of Sensitive Information into Log File. The vulnerability is due to improper handling of logged HTTP requests within RequestWebScopeNoMultipart.java. This allows local attackers with access to the log files to view user passwords or other sensitive information.
Related
nvd
nvd
CVE-2024-6060
2024-06-25 22:15:35
cvelist
cvelist
CVE-2024-6060
2024-06-25 21:36:33
cve
cve
CVE-2024-6060
2024-06-25 22:15:35
vulnrichment
vulnrichment
CVE-2024-6060
2024-06-25 21:36:33
CVSS4
9.3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
PASSIVE
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/SC:H/VI:H/SI:H/VA:L/SA:L/AU:N/U:Red/R:U/V:C/RE:M
AI Score
6.4
Confidence
High
Related for VERACODE:47899