CVE-2024-6060

CVSS 9.3 CRITICALEPSS 0.2%CWE-532

An information disclosure vulnerability in Phloc Webscopes 7.0.0 allows local attackers with access to the log files to view logged HTTP requests that contain user passwords or other sensitive information.

CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:L/SC:H/SI:H/SA:L/AU:N/R:U/V:C/RE:M/U:Red

Productos afectados

Phloc · Webscopes

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

https://sites.google.com/sonatype.com/vulnerabilities/cve-2024-6060 https://www.sonatype.com/security-advisories/cve-2024-6060