CVE-2024-2745 | Rapid7 InsightVM prior 6.6.244 Maintenance Mode Login Page get request method with sensitive query strings

Posted by Angelo Barbosa | Apr 2, 2024 | CVE

A vulnerability was found in Rapid7 InsightVM and classified as problematic. Affected by this issue is some unknown functionality of the component Maintenance Mode Login Page. The manipulation leads to use of get request method with sensitive query strings.

This vulnerability is handled as CVE-2024-2745. An attack has to be approached locally. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-2745 | Rapid7 InsightVM prior 6.6.244 Maintenance Mode Login Page get request method with sensitive query strings

Related Posts

CVE-2023-42962 | Apple iOS/iPadOS up to 16.7.2/17.1 denial of service

CVE-2024-40922 | Linux Kernel up to 6.6.34/6.9.5 io_rsrc_ref_quiesce buffer overflow (0c9df3df0c88/4429c6c77e17/54559642b961)

CVE-2023-6906 | Totolink A7100RU 7.4cu.2313_B20191024 HTTP POST Request cstecgi.cgi main flag buffer overflow

CVE-2024-26662 | Linux Kernel up to 6.6.16/6.7.4 Display dcn21_set_backlight_level null pointer dereference (2e150ccea131/0c863cab0e91/e96fddb32931)