⚠️Today : 0 critical vulnerabilities | 0 high vulnerabilities | 1 medium vulnerabilities | 0 low vulnerabilities - You can now download lists of IOCs here !

CVE-2024-52043

Nov. 6, 2024, 6:17 p.m.

Product(s) Impacted

HumHub

  • through 1.16.2

Description

Generation of Error Message Containing Sensitive Information in HumHub GmbH & Co. KG - HumHub on Linux allows: Excavation (user enumeration).This issue affects all released HumHub versions: through 1.16.2.

Weaknesses

CWE-204
Observable Response Discrepancy

The product provides different responses to incoming requests in a way that reveals internal state information to an unauthorized actor outside of the intended control sphere.

CWE ID: 204
CWE-209
Generation of Error Message Containing Sensitive Information

The product generates an error message that includes sensitive information about its environment, users, or associated data.

CWE ID: 209

Date

Published: Nov. 6, 2024, 8:15 a.m.

Last Modified: Nov. 6, 2024, 6:17 p.m.

Status : Awaiting Analysis

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

2fdefc65-d750-4b8d-96ee-6e2c0c42dbfe

References

https://github.com/ 2fdefc65-d750-4b8d-96ee-6e2c0c42dbfe

https://https:/ 2fdefc65-d750-4b8d-96ee-6e2c0c42dbfe

https://www.vulsec.org/ 2fdefc65-d750-4b8d-96ee-6e2c0c42dbfe