CVE-2024-22200

vantage6-UI is the User Interface for vantage6. The docker image used to run the UI leaks the nginx version. To mitigate the vulnerability, users can run the UI as an angular application. This vulnerability was patched in 4.2.0.
Configurations

Configuration 1 (hide)

cpe:2.3:a:vantage6:vantage6-ui:*:*:*:*:*:*:*:*

History

21 Nov 2024, 08:55

Type Values Removed Values Added
CVSS v2 : unknown
v3 : 5.3
v2 : unknown
v3 : 3.3
References () https://github.com/vantage6/vantage6-UI/commit/92e0fb5102b544d5bcc23980d973573733e2e020 - Patch () https://github.com/vantage6/vantage6-UI/commit/92e0fb5102b544d5bcc23980d973573733e2e020 - Patch
References () https://github.com/vantage6/vantage6-UI/security/advisories/GHSA-8wxq-346h-xmr8 - Vendor Advisory () https://github.com/vantage6/vantage6-UI/security/advisories/GHSA-8wxq-346h-xmr8 - Vendor Advisory

08 Feb 2024, 17:01

Type Values Removed Values Added
CPE cpe:2.3:a:vantage6:vantage6-ui:*:*:*:*:*:*:*:*
First Time Vantage6 vantage6-ui
Vantage6
CVSS v2 : unknown
v3 : 3.3
v2 : unknown
v3 : 5.3
CWE NVD-CWE-noinfo
References () https://github.com/vantage6/vantage6-UI/commit/92e0fb5102b544d5bcc23980d973573733e2e020 - () https://github.com/vantage6/vantage6-UI/commit/92e0fb5102b544d5bcc23980d973573733e2e020 - Patch
References () https://github.com/vantage6/vantage6-UI/security/advisories/GHSA-8wxq-346h-xmr8 - () https://github.com/vantage6/vantage6-UI/security/advisories/GHSA-8wxq-346h-xmr8 - Vendor Advisory

30 Jan 2024, 16:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-01-30 16:15

Updated : 2024-11-21 08:55


NVD link : CVE-2024-22200

Mitre link : CVE-2024-22200

CVE.ORG link : CVE-2024-22200


JSON object : View

Products Affected

vantage6

  • vantage6-ui
CWE
CWE-200

Exposure of Sensitive Information to an Unauthorized Actor

NVD-CWE-noinfo