CVE-2024-2731
CVSS V2 None
CVSS V3 None
Description
Users with low privileges (all permissions deselected in the administrator permissions settings) can view certain pages that expose sensitive information such as company names, users' names and surnames, stage names, and monitoring campaigns and their descriptions. In addition, unprivileged users can see and edit the descriptions of tags. At the time of publication of the CVE no patch is available.
Overview
- CVE ID
- CVE-2024-2731
- Assigner
- NCSC.ch
- Vulnerability Status
- PUBLISHED
- Published Version
- 2024-04-10T13:59:41.407Z
- Last Modified Date
- 2024-04-10T13:59:41.407Z
Weakness Enumerations
References
| Reference URL | Reference Tags |
|---|---|
| https://huntr.com/bounties/4d72d300-92d6-4e3c-93d8-52fe47396ae0 | exploit |
Sources
| Source Name | Source URL |
|---|---|
| NIST | https://nvd.nist.gov/vuln/detail/CVE-2024-2731 |
| MITRE | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2731 |
History
| Created | Old Value | New Value | Data Type | Notes |
|---|---|---|---|---|
| 2024-06-25 23:43:27 | Added to TrackCVE |