CVE-2024-7569

CRITICAL Year: 2024
CVSS v3 Score
9.8
Critical
Weakness Type
CWE-215
View all →

Vulnerability Description

An information disclosure vulnerability in Ivanti ITSM on-prem and Neurons for ITSM versions 2023.4 and earlier allows an unauthenticated attacker to obtain the OIDC client secret via debug information.

Related Vulnerabilities

CVE-2018-1191

HIGH
CVSS:8.8(High)

Cloud Foundry Garden-runC, versions prior to 1.11.0, contains an information exposure vulnerability. A user with access to Garden logs may be able to obtain leaked credentials and perform authenticate...

CWE-2152018

CVE-2022-0721

HIGH
CVSS:8.8(High)

Insertion of Sensitive Information Into Debugging Code in GitHub repository microweber/microweber prior to 1.3.

CWE-2152022

CVE-2019-3781

HIGH
CVSS:8.2(High)

Cloud Foundry CLI, versions prior to v6.43.0, improperly exposes passwords when verbose/trace/debugging is turned on. A local unauthenticated or remote authenticated malicious user with access to logs...

CWE-2152019

CVE-2018-1191

HIGH
CVSS:8.8(High)

Cloud Foundry Garden-runC, versions prior to 1.11.0, contains an information exposure vulnerability. A user with access to Garden logs may be able to obtain leaked credentials and perform authenticate...

CWE-2152018

CVE-2022-0721

HIGH
CVSS:8.8(High)

Insertion of Sensitive Information Into Debugging Code in GitHub repository microweber/microweber prior to 1.3.

CWE-2152022

CVE-2019-3781

HIGH
CVSS:8.2(High)

Cloud Foundry CLI, versions prior to v6.43.0, improperly exposes passwords when verbose/trace/debugging is turned on. A local unauthenticated or remote authenticated malicious user with access to logs...

CWE-2152019