The Avalara for Salesforce CPQ app before 7.0 for Salesforce allows attackers to read an API key. NOTE: the current version is 11 as of mid-2024.
References
Configurations
No configuration.
History
09 Jul 2024, 16:22
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-922 CWE-522 |
|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.5 |
03 Jul 2024, 12:53
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
03 Jul 2024, 06:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-07-03 06:15
Updated : 2024-07-09 16:22
NVD link : CVE-2024-38453
Mitre link : CVE-2024-38453
CVE.ORG link : CVE-2024-38453
JSON object : View
Products Affected
No product.