A vulnerability classified as problematic was found in SalesForce Avalara for Salesforce CPQ App up to 6.x. This vulnerability affects unknown code of the component API Key Handler. The manipulation leads to information disclosure.

This vulnerability was named CVE-2024-38453. The attack needs to be done within the local network. There is no exploit available.

It is recommended to upgrade the affected component.