Log File Vulnerability Could Leak Sensitive Information

CVE-2024-38321

6.5MEDIUM

Key Information

Vendor: IBM
Status: Business Automation Workflow
Vendor: CVE Published:; 3 August 2024

Summary

IBM Business Automation Workflow 22.0.2, 23.0.1, 23.0.2, and 24.0.0 stores potentially sensitive information in log files under certain situations that could be read by an authenticated user. IBM X-Force ID: 284868.

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published.
Aug 3, 2024

Collectors

NVD Database