CVE-2024-23600

LOW Year: 2024
CVSS v3 Score
2.7
Low
Weakness Type
CWE-20
View all →

Vulnerability Description

Improper Input Validation of query search results for private field data in PingIDM (Query Filter module) allows for a potentially efficient brute forcing approach leading to information disclosure.

Related Vulnerabilities

CVE-2017-15136

LOW
CVSS:2.7(Low)

When registering and activating a new system with Red Hat Satellite 6 if the new systems hostname is then reset to the hostname of a previously registered system the previously registered system will ...

CWE-202017

CVE-2017-18382

LOW
CVSS:2.7(Low)

cPanel before 68.0.15 allows use of an unreserved e-mail address in DNS zone SOA records (SEC-306).

CWE-202017

CVE-2017-18393

LOW
CVSS:2.7(Low)

cPanel before 68.0.15 does not block a username of postmaster, which might allow reception of private e-mail (SEC-326).

CWE-202017

CVE-2017-18394

LOW
CVSS:2.7(Low)

cPanel before 68.0.15 does not have a sufficient list of reserved usernames (SEC-327).

CWE-202017

CVE-2017-18395

LOW
CVSS:2.7(Low)

cPanel before 68.0.15 does not block a username of ssl (SEC-328).

CWE-202017

CVE-2017-18401

LOW
CVSS:2.7(Low)

cPanel before 68.0.15 allows user accounts to be partially created with invalid username formats (SEC-334).

CWE-202017