Products
BeyondInsight
- before 23.1
Source
13061848-ea10-403d-bd75-c83a022c2891
Tags
CVE-2024-4220 details
Published : June 4, 2024, 9:15 p.m.
Last Modified : June 4, 2024, 9:15 p.m.
Last Modified : June 4, 2024, 9:15 p.m.
Description
Prior to 23.1, an information disclosure vulnerability exists within BeyondInsight which can allow an attacker to enumerate usernames.
CVSS Score
1 | 2 | 3 | 4.3 | 5 | 6 | 7 | 8 | 9 | 10 |
---|
Weakness
Weakness | Name | Description |
---|
CVSS Data
Attack Vector
ADJACENT_NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
Base Score
4.3
Exploitability Score
Impact Score
Base Severity
MEDIUM
Vector String : CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L
References
URL | Source |
---|---|
https://www.beyondtrust.com/trust-center/security-advisories/BT24-06 | 13061848-ea10-403d-bd75-c83a022c2891 |
This website uses the NVD API, but is not approved or certified by it.