CVE-2024-33004

MEDIUM Year: 2024
CVSS v3 Score
4.3
Medium
Weakness Type
CWE-524
View all →

Vulnerability Description

SAP Business Objects Business Intelligence Platform is vulnerable to Insecure Storage as dynamic web pages are getting cached even after logging out. On successful exploitation, the attacker can see the sensitive information through cache and can open the pages causing limited impact on Confidentiality, Integrity and Availability of the application.

Related Vulnerabilities

CVE-2019-14997

MEDIUM
CVSS:4.3(Medium)

The AccessLogFilter class in Jira before version 8.4.0 allows remote anonymous attackers to learn details about other users, including their username, via an information expose through caching vulnera...

CWE-5242019

CVE-2022-3292

MEDIUM
CVSS:4.3(Medium)

Use of Cache Containing Sensitive Information in GitHub repository ikus060/rdiffweb prior to 2.4.8.

CWE-5242022

CVE-2019-9495

LOW
CVSS:3.7(Low)

The implementations of EAP-PWD in hostapd and wpa_supplicant are vulnerable to side-channel attacks as a result of cache access patterns. All versions of hostapd and wpa_supplicant with EAP-PWD suppor...

CWE-5242019

CVE-2019-11244

LOW
CVSS:3.3(Low)

In Kubernetes v1.8.x-v1.14.x, schema info is cached by kubectl in the location specified by --cache-dir (defaulting to $HOME/.kube/http-cache), written with world-writeable permissions (rw-rw-rw-). If...

CWE-5242019

CVE-2021-44854

MEDIUM
CVSS:5.3(Medium)

An issue was discovered in MediaWiki before 1.35.5, 1.36.x before 1.36.3, and 1.37.x before 1.37.1. The REST API publicly caches results from private wikis.

CWE-5242021

CVE-2024-0874

MEDIUM
CVSS:5.3(Medium)

A flaw was found in coredns. This issue could lead to invalid cache entries returning due to incorrectly implemented caching.

CWE-5242024