Medium severityNVD Advisory· Published Dec 12, 2024· Updated Apr 15, 2026
CVE-2024-12564
CVE-2024-12564
Description
Exposure of Sensitive Information to an Unauthorized Actor vulnerability was discovered in Open Design Alliance CDE inWEB SDK before 2025.3. Installing CDE Server with default settings allows unauthorized users to visit prometheus metrics page. This can allow attackers to understand more things about the target application which may help in further investigation and exploitation.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1- Range: <2025.3
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.