CVE-2024-5996 - Vulnerability Details

Description

This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.

Published: 2024-06-14

Score: n/a

EPSS: n/a

KEV: No

Impact:

Action:

Analysis

Analysis and contextual insights are available on OpenCVE Cloud.

No data.

No data available yet.

Remediation

No vendor fix or workaround currently provided.

Additional remediation guidance may be available on OpenCVE Cloud.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

No EPSS score available.

Key SSVC decision points have not yet been added.

References

No reference.

History

Wed, 14 Aug 2024 02:30:00 +0000

Type	Values Removed	Values Added
Title	Soar Cloud HR Portal - Cleartext Transmission of Sensitive Information
Weaknesses	CWE-319
References	https://www.twcert.org.tw/en/cp-139-7874-b6727-2.html https://www.twcert.org.tw/tw/cp-132-7873-5ba4c-1.html
Metrics	cvssV3_1 `{'score': 8.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H'}`

Wed, 14 Aug 2024 02:00:00 +0000

Type	Values Removed	Values Added
Description	The notification emails sent by Soar Cloud HR Portal contain a link with a embedded session. These emails are sent without using an encrypted transmission protocol. If an attacker intercepts the packets, they can obtain the plaintext session information and use it to log into the system.	This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.

Subscriptions

No data.

MITRE

Status: REJECTED

Assigner: twcert

Published: 2024-06-14T08:22:11.671Z

Updated: 2024-08-14T01:39:58.883Z

Reserved: 2024-06-14T06:53:32.217Z

Link: CVE-2024-5996

Vulnrichment

Updated:

NVD

Status : Rejected

Published: 2024-06-14T09:15:11.010

Modified: 2024-08-14T02:15:04.567

Link: CVE-2024-5996

Redhat

No data.

OpenCVE Enrichment

No data.

Weaknesses

No weakness.

Tracking

Subscriptions

JSON object

JSON object

JSON object

JSON object

JSON object