CVE-2024-6916

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2024-6916
A vulnerability in Zowe CLI allows local, privileged actors to display securely stored properties in cleartext within a terminal using the '--show-inputs-only' flag.

5.5 /10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

References
Link Resource
https://github.com/zowe/zowe-cli/packages/imperative Broken Link
Configurations

Configuration 1 (hide)

cpe:2.3:a:zowe:zowe_cli:*:*:*:*:*:*:*:*
History

23 Aug 2024, 13:44

Type Values Removed Values Added
References () https://github.com/zowe/zowe-cli/packages/imperative - () https://github.com/zowe/zowe-cli/packages/imperative - Broken Link
CWE CWE-922
Summary
  • (es) Una vulnerabilidad en Zowe CLI permite a actores locales privilegiados mostrar propiedades almacenadas de forma segura en texto plano dentro de una terminal usando el indicador '--show-inputs-only'.
First Time Zowe zowe Cli
Zowe
CPE cpe:2.3:a:zowe:zowe_cli:*:*:*:*:*:*:*:*
CVSS v2 : unknown
v3 : 5.9 		v2 : unknown
v3 : 5.5

19 Jul 2024, 11:15

Type Values Removed Values Added
New CVE
Information

Published : 2024-07-19 11:15

Updated : 2024-08-23 13:44

NVD link : CVE-2024-6916

Mitre link : CVE-2024-6916

CVE.ORG link : CVE-2024-6916

JSON object : View

Products Affected

zowe

  • zowe_cli
CWE
CWE-922

Insecure Storage of Sensitive Information


NetmanageIT Website NetmanageIT OSINT Web NetmanageIT OpenCTI NetmanageIT PDF Tools NetmanageIT CTO Corner Blog NetmanageIT Email Header Analyzer NetmanageIT Password Pusher NetmanageIT Internet Health and Latency Dashboard NetmanageIT Dedicated Speed Test Site NetmanageIT Ubuntu Mirror 10Gbps Copyright OpenCVE 2024