CVE-2024-53683

MEDIUM Year: 2024
CVSS v3 Score
4.4
Medium
Weakness Type
CWE-497
View all →

Vulnerability Description

A valid set of credentials in a .js file and a static token for communication were obtained from the decompiled IPA. An attacker could use the information to disrupt normal use of the application by changing the translation files and thus weaken the integrity of normal use.

Related Vulnerabilities

CVE-2022-20734

MEDIUM
CVSS:4.4(Medium)

A vulnerability in Cisco SD-WAN vManage Software could allow an authenticated, local attacker to view sensitive information on an affected system. This vulnerability is due to insufficient file system...

CWE-4972022

CVE-2024-36509

MEDIUM
CVSS:4.4(Medium)

An exposure of sensitive system information to an unauthorized control sphere vulnerability [CWE-497] in FortiWeb version 7.6.0, version 7.4.3 and below, version 7.2.10 and below, version 7.0.10 and b...

CWE-4972024

CVE-2023-34209

MEDIUM
CVSS:4.3(Medium)

Exposure of Sensitive System Information to an Unauthorized Control Sphere in create template function in EasyUse MailHunter Ultimate 2023 and earlier allow remote authenticated users to obtain the ab...

CWE-4972023

CVE-2024-31419

MEDIUM
CVSS:4.3(Medium)

An information disclosure flaw was found in OpenShift Virtualization. The DownwardMetrics feature was introduced to expose host metrics to virtual machine guests and is enabled by default. This issue ...

CWE-4972024

CVE-2024-37070

MEDIUM
CVSS:4.3(Medium)

IBM Concert Software 1.0.0, 1.0.1, 1.0.2, and 1.0.2.1 could allow an authenticated user to obtain sensitive information that could aid in further attacks against the system.

CWE-4972024

CVE-2024-40706

MEDIUM
CVSS:4.3(Medium)

IBM InfoSphere Information Server 11.7 could allow a remote user to obtain sensitive version information that could aid in further attacks against the system.

CWE-4972024