CVE-2024-6980

CVSS V2 None CVSS V3 None
Description
A verbose error handling issue in the proxy service implemented in the GravityZone Update Server allows an attacker to cause a server-side request forgery. This issue only affects GravityZone Console versions before 6.38.1-5 running only on premise.
Overview
  • CVE ID
  • CVE-2024-6980
  • Assigner
  • Bitdefender
  • Vulnerability Status
  • PUBLISHED
  • Published Version
  • 2024-07-31T06:58:44.781Z
  • Last Modified Date
  • 2024-07-31T14:25:18.592Z
Weakness Enumerations
CWE URL
CWE-209 http://cwe.mitre.org/data/definitions/209.html
References
Reference URL Reference Tags
https://www.bitdefender.com/consumer/support/support/security-advisories/verbose-error-handling-issue-in-gravityzone-update-server-proxy-service/
Sources
Source Name Source URL
NIST https://nvd.nist.gov/vuln/detail/CVE-2024-6980
MITRE https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6980
History
Created Old Value New Value Data Type Notes
2024-08-01 13:13:08 Added to TrackCVE