How severe is CVE-2024-37654?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 6.1 out of 10.

What type of vulnerability is CVE-2024-37654?

This is classified as CWE-922, which is a common weakness in software security.

CVE-2024-37654 - MEDIUM Severity | CVSS 6.1

Vulnerability Description

An issue in BAS-IP AV-01D, AV-01MD, AV-01MFD, AV-01ED, AV-01KD, AV-01BD, AV-01KBD, AV-02D, AV-02IDE, AV-02IDR, AV-02IPD, AV-02FDE, AV-02FDR, AV-03D, AV-03BD, AV-04AFD, AV-04ASD, AV-04FD, AV-04SD, AV-05FD, AV-05SD, AA-07BD, AA-07BDI, BA-04BD, BA-04MD, BA-08BD, BA-08MD, BA-12BD, BA-12MD, CR-02BD before 3.9.2 allows a remote attacker to obtain sensitive information via a crafted HTTP GET request.

Related Vulnerabilities

CVE-2023-52345

MEDIUM

CVSS:6.0(Medium)

In modem driver, there is a possible system crash due to improper input validation. This could lead to local information disclosure with System execution privileges needed

CWE-9222023

CVE-2023-6253

MEDIUM

CVSS:6.0(Medium)

A saved encryption key in the Uninstaller in Digital Guardian's Agent before version 7.9.4 allows a local attacker to retrieve the uninstall key and remove the software by extracting the uninstaller k...

CWE-9222023

CVE-2023-42839

MEDIUM

CVSS:6.2(Medium)

This issue was addressed with improved state management. This issue is fixed in tvOS 17.1, watchOS 10.1, macOS Sonoma 14.1, iOS 17.1 and iPadOS 17.1. An app may be able to access sensitive user data.

CWE-9222023

CVE-2024-34721

MEDIUM

CVSS:6.2(Medium)

In ensureFileColumns of MediaProvider.java, there is a possible disclosure of files owned by another user due to improper input validation. This could lead to local information disclosure with no addi...

CWE-9222024

CVE-2024-44216

MEDIUM

CVSS:6.2(Medium)

An access issue was addressed with additional sandbox restrictions. This issue is fixed in macOS Ventura 13.7.1, macOS Sonoma 14.7.1. An app may be able to access user-sensitive data.

CWE-9222024

CVE-2024-44257

MEDIUM

CVSS:6.2(Medium)

This issue was addressed with improved redaction of sensitive information. This issue is fixed in macOS Ventura 13.7.1, macOS Sonoma 14.7.1. An app may be able to access sensitive user data.

CWE-9222024