Products
GravityZone Console
- before 6.38.1-5
Source
cve-requests@bitdefender.com
Tags
CVE-2024-6980 details
Published : July 31, 2024, 7:15 a.m.
Last Modified : July 31, 2024, 12:57 p.m.
Last Modified : July 31, 2024, 12:57 p.m.
Description
A verbose error handling issue in the proxy service implemented in the GravityZone Update Server allows an attacker to cause a server-side request forgery. This issue only affects GravityZone Console versions before 6.38.1-5 running only on premise.
CVSS Score
1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 |
---|
Weakness
Weakness | Name | Description |
---|---|---|
CWE-209 | Generation of Error Message Containing Sensitive Information | The product generates an error message that includes sensitive information about its environment, users, or associated data. |
References
URL | Source |
---|---|
https://www.bitdefender.com/consumer/support/support/security-advisories/verbose-error-handling-issue-in-gravityzone-update-server-proxy-service/ | cve-requests@bitdefender.com |
This website uses the NVD API, but is not approved or certified by it.