HaloITSM versions up to 2.146.1 are affected by a Template Injection vulnerability within the engine used to generate emails. This can lead to the leakage of potentially sensitive information. HaloITSM versions past 2.146.1 (and patches starting from 2.143.61 ) fix the mentioned vulnerability.
References
Link | Resource |
---|---|
https://haloitsm.com/guides/article/?kbid=2153 | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
29 Aug 2024, 17:52
Type | Values Removed | Values Added |
---|---|---|
First Time |
Haloservicesolutions haloitsm
Haloservicesolutions |
|
References | () https://haloitsm.com/guides/article/?kbid=2153 - Vendor Advisory | |
CPE | cpe:2.3:a:haloservicesolutions:haloitsm:*:*:*:*:*:*:*:* | |
CWE | NVD-CWE-Other |
06 Aug 2024, 16:30
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
06 Aug 2024, 06:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-08-06 06:15
Updated : 2024-08-29 17:52
NVD link : CVE-2024-6201
Mitre link : CVE-2024-6201
CVE.ORG link : CVE-2024-6201
JSON object : View
Products Affected
haloservicesolutions
- haloitsm
CWE