BeyondInsight
CVEs (2)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-4220 | 0.00 | — | 0.00 | Jun 4, 2024 | Prior to 23.1, an information disclosure vulnerability exists within BeyondInsight which can allow an attacker to enumerate usernames. | |||
| CVE-2024-4219 | 0.00 | — | 0.00 | Jun 4, 2024 | Prior to 23.2, it is possible to perform arbitrary Server-Side requests via HTTP-based connectors within BeyondInsight, resulting in a server-side request forgery vulnerability. |
- CVE-2024-4220Jun 4, 2024risk 0.00cvss —epss 0.00
Prior to 23.1, an information disclosure vulnerability exists within BeyondInsight which can allow an attacker to enumerate usernames.
- CVE-2024-4219Jun 4, 2024risk 0.00cvss —epss 0.00
Prior to 23.2, it is possible to perform arbitrary Server-Side requests via HTTP-based connectors within BeyondInsight, resulting in a server-side request forgery vulnerability.