VYPR
Unrated severityNVD Advisory· Published Feb 6, 2025· Updated Feb 12, 2025

CVE-2024-43779

CVE-2024-43779

Description

An information disclosure vulnerability exists in the Vault API functionality of ClearML Enterprise Server 3.22.5-1533. A specially crafted HTTP request can lead to reading vaults that have been previously disabled, possibly leaking sensitive credentials. An attacker can send a series of HTTP requests to trigger this vulnerability.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Clearml/Clearmlllm-fuzzy2 versions
    = 3.22.5-1533+ 1 more
    • (no CPE)range: = 3.22.5-1533
    • (no CPE)range: Enterprise Server 3.22.5-1533

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.