nvd-json-data-feeds/CVE-2024/CVE-2024-72xx/CVE-2024-7259.json

{
  "id": "CVE-2024-7259",
  "sourceIdentifier": "secalert@redhat.com",
  "published": "2024-09-26T16:15:08.997",
  "lastModified": "2024-09-30T12:46:20.237",
  "vulnStatus": "Awaiting Analysis",
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A flaw was found in oVirt. A user with administrator privileges, including users with the ReadOnlyAdmin permission, may be able to use browser developer tools to view Provider passwords in cleartext."
    },
    {
      "lang": "es",
      "value": "Se encontr\u00f3 una falla en oVirt. Un usuario con privilegios de administrador, incluidos los usuarios con el permiso ReadOnlyAdmin, puede usar las herramientas para desarrolladores del navegador para ver las contrase\u00f1as del proveedor en texto plano."
    }
  ],
  "metrics": {
    "cvssMetricV31": [
      {
        "source": "secalert@redhat.com",
        "type": "Primary",
        "cvssData": {
          "version": "3.1",
          "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N",
          "attackVector": "NETWORK",
          "attackComplexity": "HIGH",
          "privilegesRequired": "HIGH",
          "userInteraction": "NONE",
          "scope": "UNCHANGED",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 4.4,
          "baseSeverity": "MEDIUM"
        },
        "exploitabilityScore": 0.7,
        "impactScore": 3.6
      }
    ]
  },
  "weaknesses": [
    {
      "source": "secalert@redhat.com",
      "type": "Primary",
      "description": [
        {
          "lang": "en",
          "value": "CWE-312"
        }
      ]
    }
  ],
  "references": [
    {
      "url": "https://access.redhat.com/security/cve/CVE-2024-7259",
      "source": "secalert@redhat.com"
    },
    {
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2314229",
      "source": "secalert@redhat.com"
    }
  ]
}