CVE-2024-6980
July 31, 2024, 12:57 p.m.
Tags
Product(s) Impacted
GravityZone Console
- before 6.38.1-5
Description
A verbose error handling issue in the proxy service implemented in the GravityZone Update Server allows an attacker to cause a server-side request forgery. This issue only affects GravityZone Console versions before 6.38.1-5 running only on premise.
Weaknesses
CWE-209
Generation of Error Message Containing Sensitive Information
The product generates an error message that includes sensitive information about its environment, users, or associated data.
CWE ID: 209Date
Published: July 31, 2024, 7:15 a.m.
Last Modified: July 31, 2024, 12:57 p.m.
Status : Awaiting Analysis
CVE has been recently published to the CVE List and has been received by the NVD.
More infoSource
cve-requests@bitdefender.com
References
https://www.bitdefender.com/
cve-requests@bitdefender.com