Security Advisory

CVE-2024-43779

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-02-06 16:47:28

Last updated 2025-02-12 19:51:09

Assigner talos

State PUBLISHED

Description

An information disclosure vulnerability exists in the Vault API functionality of ClearML Enterprise Server 3.22.5-1533. A specially crafted HTTP request can lead to reading vaults that have been previously disabled, possibly leaking sensitive credentials. An attacker can send a series of HTTP requests to trigger this vulnerability.

← Browse all CVEs View on cve.org ↗