CVE-2024-6861 | Foreman up to 3.2 GraphQL API information disclosure

Posted by Angelo Barbosa | Oct 9, 2024 | CVE

A vulnerability classified as problematic has been found in Foreman up to 3.2. Affected is an unknown function of the component GraphQL API. The manipulation leads to information disclosure.

This vulnerability is traded as CVE-2024-6861. The attack can only be initiated within the local network. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-6861 | Foreman up to 3.2 GraphQL API information disclosure

Related Posts

CVE-2024-27333 | Kofax Power PDF GIF File Parser out-of-bounds

CVE-2024-28354 | TRENDnet TEW-827DRU 2.10B01 POST Request apply.cgi usapps.@smb[%d].username command injection

CVE-2023-6646 | linkding 1.23.0 q cross site scripting

CVE-2024-21601 | Juniper Junos OS flowd race condition (JSA75742)