Products
VMware Cloud Director Object Storage Extension
Source
security@vmware.com
Tags
CVE-2024-22276 details
Published : June 27, 2024, 9:15 p.m.
Last Modified : June 27, 2024, 9:15 p.m.
Last Modified : June 27, 2024, 9:15 p.m.
Description
VMware Cloud Director Object Storage Extension contains an Insertion of Sensitive Information vulnerability. A malicious actor with adjacent access to web/proxy server logging may be able to obtain sensitive information from URLs that are logged.
CVSS Score
1 | 2 | 3 | 4 | 5.3 | 6 | 7 | 8 | 9 | 10 |
---|
Weakness
Weakness | Name | Description |
---|
CVSS Data
Attack Vector
ADJACENT_NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
Base Score
5.3
Exploitability Score
1.6
Impact Score
3.6
Base Severity
MEDIUM
Vector String : CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
References
URL | Source |
---|---|
https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24372 | security@vmware.com |
This website uses the NVD API, but is not approved or certified by it.