216.73.216.204

CVE-2024-41674

· Published 21/08/2024 15:15 · Modified 23/08/2024 17:06

Labels: CVE-2024-41674 2024-08-21CVE-2024-41674CWE-209[email protected]

Essential information

Published
21/08/2024 15:15
Modified
23/08/2024 17:06
Author
Creator
CVSS
5.3 MEDIUM (v3.1)
CISA KEV
No
CWE
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

CVSS metrics

Description

CKAN is an open-source data management system for powering data hubs and data portals. If there were connection issues with the Solr server, the internal Solr URL (potentially including credentials) could be leaked to package_search calls as part of the returned error message. This has been patched in CKAN 2.10.5 and 2.11.0.

NVD status

Status
Analyzed — CVE has been marked for Analysis. Normally once in this state the CVE will be analyzed by NVD staff within 24 hours.
Source
[email protected]
NVD
View on NVD

Affected products (CPE)

ProductCPE
okfn / ckan cpe:2.3:a:okfn:ckan:*:*:*:*:*:*:*:*

References