CVE-2024-5916

MEDIUM Year: 2024
CVSS v3 Score
4.4
Medium
Weakness Type
CWE-313
View all →

Vulnerability Description

An information exposure vulnerability in Palo Alto Networks PAN-OS software enables a local system administrator to unintentionally disclose secrets, passwords, and tokens of external systems. A read-only administrator who has access to the config log, can read secrets, passwords, and tokens to external systems.

Related Vulnerabilities

CVE-2023-35699

MEDIUM
CVSS:4.6(Medium)

Cleartext Storage on Disk in the SICK ICR890-4 could allow an unauthenticated attacker with local access to the device to disclose sensitive information by accessing a SD card.

CWE-3132023

CVE-2024-38280

HIGH
CVSS:4.6(Medium)

An unauthorized user is able to gain access to sensitive data, including credentials, by physically retrieving the hard disk of the product as the data is stored in clear text.

CWE-3132024

CVE-2024-49762

MEDIUM
CVSS:4.6(Medium)

Pterodactyl is a free, open-source game server management panel. When a user disables two-factor authentication via the Panel, a `DELETE` request with their current password in a query parameter will ...

CWE-3132024

CVE-2023-0114

MEDIUM
CVSS:5.5(Medium)

A vulnerability was found in Netis Netcore Router. It has been rated as problematic. Affected by this issue is some unknown functionality of the file param.file.tgz of the component Backup Handler. Th...

CWE-3132023

CVE-2023-2863

MEDIUM
CVSS:5.5(Medium)

A vulnerability has been found in Simple Design Daily Journal 1.012.GP.B on Android and classified as problematic. Affected by this vulnerability is an unknown functionality of the component SQLite Da...

CWE-3132023

CVE-2023-4066

MEDIUM
CVSS:5.5(Medium)

A flaw was found in Red Hat's AMQ Broker, which stores certain passwords in a secret security-properties-prop-module, defined in ActivemqArtemisSecurity CR; however, they are shown in plaintext in the...

CWE-3132023