Authorized Attacker Can Disclose Sensitive Information Over Network via Index Misconfiguration
CVE-2024-49071
6.5MEDIUM
Key Information:
- Vendor
Microsoft
- Vendor
- CVE Published:
- 12 December 2024
What is CVE-2024-49071?
Improper authorization of an index that contains sensitive information from a Global Files search in Windows Defender allows an authorized attacker to disclose information over a network.
Affected Version(s)
Microsoft Defender for Endpoint for Windows Unknown