How severe is CVE-2024-8334?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 8.1 out of 10.

What type of vulnerability is CVE-2024-8334?

This is classified as CWE-117, which is a common weakness in software security.

CVE-2024-8334 - MEDIUM Severity | CVSS 8.1

Vulnerability Description

A vulnerability was found in master-nan Sweet-CMS up to 5f441e022b8876f07cde709c77b5be6d2f262e3f. It has been rated as problematic. This issue affects the function LogHandler of the file middleware/log.go. The manipulation leads to improper output neutralization for logs. The attack may be initiated remotely. This product takes the approach of rolling releases to provide continious delivery. Therefore, version details for affected and updated releases are not available. The identifier of the patch is 2024c370e6c78b07b358c9d4257fa5d1be732c38. It is recommended to apply a patch to fix this issue.

Related Vulnerabilities

CVE-2022-22151

HIGH

CVSS:8.1(High)

CAMS for HIS Log Server contained in the following Yokogawa Electric products fails to properly neutralize log outputs: CENTUM CS 3000 versions from R3.08.10 to R3.09.00, CENTUM VP versions from R4.01...

CWE-1172022

CVE-2023-3997

HIGH

CVSS:7.8(High)

Splunk SOAR versions lower than 6.1.0 are indirectly affected by a potential vulnerability accessed through the user’s terminal. A third party can send Splunk SOAR a maliciously crafted web request co...

CWE-1172023

CVE-2023-4571

HIGH

CVSS:8.6(High)

In Splunk IT Service Intelligence (ITSI) versions below below 4.13.3, 4.15.3, or 4.17.1, a malicious actor can inject American National Standards Institute (ANSI) escape codes into Splunk ITSI log fil...

CWE-1172023

CVE-2024-25047

HIGH

CVSS:8.6(High)

IBM Cognos Analytics 11.2.0 through 11.2.4 and 12.0.0 through 12.0.2 is vulnerable to injection attacks in application logging by not sanitizing user provided data. This could lead to further attacks ...

CWE-1172024

CVE-2020-25646

HIGH

CVSS:7.5(High)

A flaw was found in Ansible Collection community.crypto. openssl_privatekey_info exposes private key in logs. This directly impacts confidentiality

CWE-1172020

CVE-2024-47083

HIGH

CVSS:7.5(High)

Power Platform Terraform Provider allows managing environments and other resources within Power Platform. Versions prior to 3.0.0 have an issue in the Power Platform Terraform Provider where sensitive...

CWE-1172024