Vulnerabilities > CVE-2024-7267 - Unspecified vulnerability in Nask EZD RP

CVSS 6.5 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

HIGH

Integrity impact

NONE

Availability impact

NONE

network

low complexity

nask

NVD

Published: 2024-08-07

Updated: 2024-08-23

Summary

Exposure of Sensitive Information vulnerability in Naukowa i Akademicka Sie? Komputerowa - Pa?stwowy Instytut Badawczy EZD RP allows logged-in user to retrieve information about IP infrastructure and credentials. This issue affects EZD RP all versions before 19.6

Vulnerable Configurations

Part	Description	Count
Application	Nask Nask EZD RP - Nask EZD RP 15 Nask EZD RP 15.84 Nask EZD RP 16 Nask EZD RP 16.15 Nask EZD RP 17 Nask EZD RP 17.2 Nask EZD RP 19.4	8

References

https://cert.pl/en/posts/2024/08/CVE-2023-7265/
https://cert.pl/posts/2024/08/CVE-2023-7265/
https://www.gov.pl/web/ezd-rp