CVE-2024-41738

MEDIUM Year: 2024
CVSS v3 Score
5.9
Medium
Weakness Type
CWE-598
View all →

Vulnerability Description

IBM TXSeries for Multiplatforms 10.1 could allow an attacker to obtain sensitive information from the query string of an HTTP GET method to process a request which could be obtained using man in the middle techniques.

Related Vulnerabilities

CVE-2024-12012

MEDIUM
CVSS:5.7(Medium)

A CWE-598 “Use of GET Request Method with Sensitive Query Strings” was discovered affecting the 130.8005 TCP/IP Gateway running firmware version 12h. Both the SHA-1 hash of the password as well as the...

CWE-5982024

CVE-2024-32931

MEDIUM
CVSS:5.7(Medium)

Under certain circumstances the exacqVision Web Service can expose authentication token details within communications.

CWE-5982024

CVE-2025-1738

MEDIUM
CVSS:6.2(Medium)

A Password Transmitted over Query String vulnerability has been found in Trivision Camera NC227WF v5.8.0 from TrivisionSecurity, exposing this sensitive information to a third party.

CWE-5982025

CVE-2020-5331

MEDIUM
CVSS:5.5(Medium)

RSA Archer, versions prior to 6.7 P3 (6.7.0.3), contain an information exposure vulnerability. Users’ session information could potentially be stored in cache or log files. An authenticated malicious ...

CWE-5982020

CVE-2023-6287

MEDIUM
CVSS:5.5(Medium)

Sensitive data exposure in Webconf in Tribe29 Checkmk Appliance before 1.6.8 allows local attacker to retrieve passwords via reading log files.

CWE-5982023

CVE-2017-8443

MEDIUM
CVSS:6.5(Medium)

In Kibana X-Pack security versions prior to 5.4.3 if a Kibana user opens a crafted Kibana URL the result could be a redirect to an improperly initialized Kibana login screen. If the user enters creden...

CWE-5982017