CVSS: 7.6EPSS: 0%CPEs: 1EXPL: 0CVE-2024-24907
https://notcve.org/view.php?id=CVE-2024-24907
Exploitation may lead to information disclosure, session theft, or client-side request forgery. • https://www.dell.com/support/kbdoc/en-us/000222330/dsa-2024-077-security-update-for-dell-secure-connect-gateway-policy-manager-vulnerabilities • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.6EPSS: 0%CPEs: 1EXPL: 0CVE-2024-24906
https://notcve.org/view.php?id=CVE-2024-24906
Exploitation may lead to information disclosure, session theft, or client-side request forgery. • https://www.dell.com/support/kbdoc/en-us/000222330/dsa-2024-077-security-update-for-dell-secure-connect-gateway-policy-manager-vulnerabilities • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-24900
https://notcve.org/view.php?id=CVE-2024-24900
Exploitation may lead to information disclosure and unauthorized access to the system. • https://www.dell.com/support/kbdoc/en-us/000222330/dsa-2024-077-security-update-for-dell-secure-connect-gateway-policy-manager-vulnerabilities • CWE-285: Improper Authorization •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2023-50312 – IBM WebSphere Application Server Liberty information disclosure
https://notcve.org/view.php?id=CVE-2023-50312
IBM WebSphere Application Server Liberty 17.0.0.3 through 24.0.0.2 could provide weaker than expected security for outbound TLS connections caused by a failure to honor user configuration. IBM X-Force ID: 274711. IBM WebSphere Application Server Liberty 17.0.0.3 a 24.0.0.2 podría proporcionar una seguridad más débil de lo esperado para las conexiones TLS salientes causadas por una falla al respetar la configuración del usuario. ID de IBM X-Force: 274711. • https://exchange.xforce.ibmcloud.com/vulnerabilities/274711 https://www.ibm.com/support/pages/node/7125527 • CWE-327: Use of a Broken or Risky Cryptographic Algorithm •
CVSS: 5.3EPSS: 0%CPEs: -EXPL: 0CVE-2023-50324 – IBM Cognos Command Center information disclosure
https://notcve.org/view.php?id=CVE-2023-50324
IBM Cognos Command Center 10.2.4.1 and 10.2.5 exposes details the X-AspNet-Version Response Header that could allow an attacker to obtain information of the application environment to conduct further attacks. • https://exchange.xforce.ibmcloud.com/vulnerabilities/275038 https://www.ibm.com/support/pages/node/7112504 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •