CVE-2024-22200

CVSS 3.1 Score 5.3 of 10 (medium)

Details

Published Jan 30, 2024

Updated: Feb 8, 2024

CWE ID 200

Summary

CVE-2024-22200 is a vulnerability affecting the vantage6-UI, the User Interface for vantage6. The issue stems from the docker image used to run the UI, which inadvertently discloses the nginx version. This disclosure could potentially be exploited by attackers to target specific vulnerabilities in the nginx server. To mitigate the risk, users are advised to run the UI as an angular application instead. The vulnerability was addressed in version 4.2.0 of vantage6-UI.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/uET5gd
https://www.cve.org/CVERecord?id=CVE-2024-22200
https://nvd.nist.gov/vuln/detail/CVE-2024-22200

Back to Vulnerability Database

CVE-2024-22200

CVSS 3.1 Score 5.3 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations