CVE-2024-6861 – Foreman GraphQL API Information Disclosure Vulnerability

11月 6, 2024
4:17 pm

CVE ID : CVE-2024-6861

Published : Nov. 6, 2024, 3:15 p.m. | 1 hour, 1 minute ago

Description : A disclosure of sensitive information flaw was found in foreman via the GraphQL API. If the introspection feature is enabled, it is possible for attackers to retrieve sensitive admin authentication keys which could result in a compromise of the entire product’s API.

Severity: 7.5 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE-2024-6861 – Foreman GraphQL API Information Disclosure Vulnerability

Elvescore.io

Recent Posts

CVE-2024-56199 – phpMyFAQ HTML Injection Vulnerability

CVE-2025-0173 – SourceCodester Online Eyewear Shop SQL Injection Vulnerability

CVE-2024-11716 – CTFd Team Bracket Reassignment Vulnerability ( Privilege Escalation )

CVE-2024-11717 – CTFd TokenForgeable Authentication

CVE-2022-45811 – WeyHan Ng Post Teaser Missing Authorization

CVE-2022-47601 – “JoomUnited WP Table Manager Authorization Bypass”

CVE-2024-6861 – Foreman GraphQL API Information Disclosure Vulnerability

CVE-2024-6861 – Foreman GraphQL API Information Disclosure Vulnerability