Vulnerabilities > CVE-2024-44930 - Unspecified vulnerability in Serilog-Contrib Serilog-Enrichers-Clientinfo
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
LOW Integrity impact
LOW Availability impact
NONE Summary
Serilog before v2.1.0 was discovered to contain a Client IP Spoofing vulnerability, which allows attackers to falsify their IP addresses by specifying an arbitrary IP as a value of X-Forwarded-For or Client-Ip headers while performing HTTP requests.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |