Security Advisory

CVE-2024-38460

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2024-06-16 00:00:00

Last updated 2025-03-13 14:12:15

Assigner mitre

State PUBLISHED

Description

In SonarQube before 10.4 and 9.9.4 LTA, encrypted values generated using the Settings Encryption feature are potentially exposed in cleartext as part of the URL parameters in the logs (such as SonarQube Access Logs, Proxy Logs, etc).

← Browse all CVEs View on cve.org ↗