CVE-2024-38460 | SonarSource SonarQube up to 9.9.3/10.3 Setting missing encryption

Inserito da Angelo Barbosa | Giu 16, 2024 | CVE

A vulnerability classified as problematic has been found in SonarSource SonarQube up to 9.9.3/10.3. Affected is an unknown function of the component Setting Handler. The manipulation leads to missing encryption of sensitive data.

This vulnerability is traded as CVE-2024-38460. It is possible to launch the attack remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-38460 | SonarSource SonarQube up to 9.9.3/10.3 Setting missing encryption

Post correlati

CVE-2024-5043 | Emlog Pro 2.3.4 admin/setting.php unrestricted upload

CVE-2024-8712 | GTM Server Side Plugin up to 2.1.19 on WordPress cross site scripting

CVE-2024-1330 | WP-FeedStats kadence-blocks-pro Plugin up to 2.3.7 on WordPress Shortcode access control

CVE-2024-0740 | Eclipse Target Management up to 4.5.500 os command injection