CVE-2024-39220 | BAS-IP AV-01D up to 3.9.1 GET Request information disclosure

A vulnerability was found in BAS-IP AV-01D, AV-01MD, AV-01MFD, AV-01ED, AV-01KD, AV-01BD, AV-01KBD, AV-02D, AV-02IDE, AV-02IDR, AV-02IPD, AV-02FDE, AV-02FDR, AV-03D, AV-03BD, AV-04AFD, AV-04ASD, AV-04FD, AV-04SD, AV-05FD, AV-05SD, AA-07BD, AA-07BDI, BA-04BD, BA-04MD, BA-08BD, BA-08MD, BA-12BD, BA-12MD and CR-02BD up to 3.9.1. It has been rated as problematic. This issue affects some unknown processing of the component GET Request Handler. The manipulation leads to information disclosure.

The identification of this vulnerability is CVE-2024-39220. The attack needs to be approached within the local network. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-39220 | BAS-IP AV-01D up to 3.9.1 GET Request information disclosure

Related Posts

CVE-2023-48952 | openlink virtuoso-opensource 7.2.11 SELECT Statement box_deserialize_reusing denial of service (Issue 1175)

CVE-2024-20376 | Cisco IP Phone 6800/IP Phone 7800/IP Phone 8800 up to 12.0.4 Web-based Management Interface out-of-bounds write (cisco-sa-ipphone-multi-vulns-cXAhCvS)

CVE-2024-5763 | posimyththemes Plus Addons for Elementor Plugin up to 5.6.2 on WordPress video_date cross site scripting

CVE-2024-21093 | Oracle Database Enterprise Edition up to 19.22/21.13 Java VM information disclosure