CVE-2024-6060

An information disclosure vulnerability in Phloc Webscopes 7.0.0 allows local attackers with access to the log files to view logged HTTP requests that contain user passwords or other sensitive information.

CVSS

No CVSS.

References

Link	Resource
https://sites.google.com/sonatype.com/vulnerabilities/cve-2024-6060
https://sites.google.com/sonatype.com/vulnerabilities/cve-2024-6060

Configurations

No configuration.

History

21 Nov 2024, 09:48

Type	Values Removed	Values Added
References	~~() https://sites.google.com/sonatype.com/vulnerabilities/cve-2024-6060 -~~	() https://sites.google.com/sonatype.com/vulnerabilities/cve-2024-6060 -

26 Jun 2024, 15:15

Type	Values Removed	Values Added
Summary		(es) Una vulnerabilidad de divulgación de información en Phloc Webscopes 7.0.0 permite a atacantes locales con acceso a los archivos de registro ver solicitudes HTTP registradas que contienen contraseñas de usuario u otra información confidencial.

25 Jun 2024, 22:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2024-06-25 22:15

Updated : 2024-11-21 09:48

NVD link : CVE-2024-6060

Mitre link : CVE-2024-6060

CVE.ORG link : CVE-2024-6060

JSON object : View

Products Affected

No product.

CWE

CWE-532

Insertion of Sensitive Information into Log File

{"id": "CVE-2024-6060", "metrics": {"cvssMetricV40": [{"type": "Secondary", "source": "103e4ec9-0a87-450b-af77-479448ddef11", "cvssData": {"safety": "NOT_DEFINED", "version": "4.0", "recovery": "USER", "baseScore": 9.3, "automatable": "NO", "attackVector": "LOCAL", "baseSeverity": "CRITICAL", "valueDensity": "CONCENTRATED", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:L/SC:H/SI:H/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:U/V:C/RE:M/U:Red", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "RED", "userInteraction": "PASSIVE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "modifiedAttackVector": "NOT_DEFINED", "integrityRequirements": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "availabilityRequirements": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "subsequentSystemIntegrity": "HIGH", "vulnerableSystemIntegrity": "HIGH", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "confidentialityRequirements": "NOT_DEFINED", "vulnerabilityResponseEffort": "MODERATE", "subsequentSystemAvailability": "LOW", "vulnerableSystemAvailability": "LOW", "subsequentSystemConfidentiality": "HIGH", "vulnerableSystemConfidentiality": "HIGH", "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", "modifiedSubsequentSystemAvailability": "NOT_DEFINED", "modifiedVulnerableSystemAvailability": "NOT_DEFINED", "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED"}}]}, "published": "2024-06-25T22:15:35.347", "references": [{"url": "https://sites.google.com/sonatype.com/vulnerabilities/cve-2024-6060", "source": "103e4ec9-0a87-450b-af77-479448ddef11"}, {"url": "https://sites.google.com/sonatype.com/vulnerabilities/cve-2024-6060", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Awaiting Analysis", "weaknesses": [{"type": "Secondary", "source": "103e4ec9-0a87-450b-af77-479448ddef11", "description": [{"lang": "en", "value": "CWE-532"}]}], "descriptions": [{"lang": "en", "value": "An information disclosure vulnerability in Phloc Webscopes 7.0.0 allows local attackers with access to the log files to view logged HTTP requests that contain user passwords or other sensitive information."}, {"lang": "es", "value": "Una vulnerabilidad de divulgaci\u00f3n de informaci\u00f3n en Phloc Webscopes 7.0.0 permite a atacantes locales con acceso a los archivos de registro ver solicitudes HTTP registradas que contienen contrase\u00f1as de usuario u otra informaci\u00f3n confidencial."}], "lastModified": "2024-11-21T09:48:52.130", "sourceIdentifier": "103e4ec9-0a87-450b-af77-479448ddef11"}