CVE-2024-2745 (GCVE-0-2024-2745)

Vulnerability from cvelistv5 – Published: 2024-04-02 09:51 – Updated: 2024-08-01 19:25
VLAI?
Summary
Rapid7's InsightVM maintenance mode login page suffers from a sensitive information exposure vulnerability whereby, sensitive information is exposed through query strings in the URL when login is attempted before the page is fully loaded.  This vulnerability allows attackers to acquire sensitive information such as passwords, auth tokens, usernames etc.     The vulnerability is remediated in version 6.6.244. 
Severity ?
3.3 (Low)
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
CWE
Assigner
References
Impacted products
Vendor Product Version
Rapid7 InsightVM Affected: 0 , < 6.6.244 (custom)
Create a notification for this product.
Credits
Sreenath Raghunath (Fireware LLC UAE, OMAN)
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-2745",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-07-10T13:16:08.065185Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-07-10T13:16:15.364Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-01T19:25:41.647Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://docs.rapid7.com/release-notes/insightvm/20240327/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "InsightVM",
          "vendor": "Rapid7",
          "versions": [
            {
              "lessThan": "6.6.244",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Sreenath Raghunath (Fireware LLC UAE, OMAN)"
        }
      ],
      "datePublic": "2024-03-27T15:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Rapid7\u0027s InsightVM maintenance mode login page suffers from a sensitive information exposure vulnerability whereby, sensitive information is exposed through query strings in the URL when login is attempted before the page is fully loaded.\u0026nbsp; This vulnerability allows attackers to acquire sensitive information such as passwords, auth tokens, usernames etc.\u0026nbsp;\u0026nbsp;\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u003cbr\u003e\u0026nbsp;\u003cbr\u003eThe vulnerability is remediated in version 6.6.244.\u0026nbsp;\u003cbr\u003e\u003cbr\u003e\u003c/span\u003e\u003cbr\u003e"
            }
          ],
          "value": "Rapid7\u0027s InsightVM maintenance mode login page suffers from a sensitive information exposure vulnerability whereby, sensitive information is exposed through query strings in the URL when login is attempted before the page is fully loaded.\u00a0 This vulnerability allows attackers to acquire sensitive information such as passwords, auth tokens, usernames etc.\u00a0\u00a0\n\u00a0\nThe vulnerability is remediated in version 6.6.244.\u00a0\n\n"
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 3.3,
            "baseSeverity": "LOW",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-598",
              "description": "CWE-598",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-04-02T09:51:52.370Z",
        "orgId": "9974b330-7714-4307-a722-5648477acda7",
        "shortName": "rapid7"
      },
      "references": [
        {
          "url": "https://docs.rapid7.com/release-notes/insightvm/20240327/"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Rapid7 InsightVM Sensitive Information Exposure via URL",
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9974b330-7714-4307-a722-5648477acda7",
    "assignerShortName": "rapid7",
    "cveId": "CVE-2024-2745",
    "datePublished": "2024-04-02T09:51:52.370Z",
    "dateReserved": "2024-03-20T14:46:17.613Z",
    "dateUpdated": "2024-08-01T19:25:41.647Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Rapid7\u0027s InsightVM maintenance mode login page suffers from a sensitive information exposure vulnerability whereby, sensitive information is exposed through query strings in the URL when login is attempted before the page is fully loaded.\\u00a0 This vulnerability allows attackers to acquire sensitive information such as passwords, auth tokens, usernames etc.\\u00a0\\u00a0\\n\\u00a0\\nThe vulnerability is remediated in version 6.6.244.\\u00a0\\n\\n\"}, {\"lang\": \"es\", \"value\": \"La p\\u00e1gina de inicio de sesi\\u00f3n en modo de mantenimiento InsightVM de Rapid7 sufre una vulnerabilidad de exposici\\u00f3n de informaci\\u00f3n confidencial por la cual, la informaci\\u00f3n confidencial queda expuesta a trav\\u00e9s de cadenas de consulta en la URL cuando se intenta iniciar sesi\\u00f3n antes de que la p\\u00e1gina est\\u00e9 completamente cargada. Esta vulnerabilidad permite a los atacantes adquirir informaci\\u00f3n confidencial como contrase\\u00f1as, tokens de autenticaci\\u00f3n, nombres de usuario, etc. La vulnerabilidad se solucion\\u00f3 en la versi\\u00f3n 6.6.244.\"}]",
      "id": "CVE-2024-2745",
      "lastModified": "2024-11-21T09:10:25.300",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"cve@rapid7.com\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N\", \"baseScore\": 3.3, \"baseSeverity\": \"LOW\", \"attackVector\": \"LOCAL\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"LOW\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"NONE\"}, \"exploitabilityScore\": 1.8, \"impactScore\": 1.4}]}",
      "published": "2024-04-02T10:15:09.950",
      "references": "[{\"url\": \"https://docs.rapid7.com/release-notes/insightvm/20240327/\", \"source\": \"cve@rapid7.com\"}, {\"url\": \"https://docs.rapid7.com/release-notes/insightvm/20240327/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
      "sourceIdentifier": "cve@rapid7.com",
      "vulnStatus": "Awaiting Analysis",
      "weaknesses": "[{\"source\": \"cve@rapid7.com\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-598\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2024-2745\",\"sourceIdentifier\":\"cve@rapid7.com\",\"published\":\"2024-04-02T10:15:09.950\",\"lastModified\":\"2025-02-25T18:36:41.020\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Rapid7\u0027s InsightVM maintenance mode login page suffers from a sensitive information exposure vulnerability whereby, sensitive information is exposed through query strings in the URL when login is attempted before the page is fully loaded.\u00a0 This vulnerability allows attackers to acquire sensitive information such as passwords, auth tokens, usernames etc.\u00a0\u00a0\\n\u00a0\\nThe vulnerability is remediated in version 6.6.244.\u00a0\\n\\n\"},{\"lang\":\"es\",\"value\":\"La p\u00e1gina de inicio de sesi\u00f3n en modo de mantenimiento InsightVM de Rapid7 sufre una vulnerabilidad de exposici\u00f3n de informaci\u00f3n confidencial por la cual, la informaci\u00f3n confidencial queda expuesta a trav\u00e9s de cadenas de consulta en la URL cuando se intenta iniciar sesi\u00f3n antes de que la p\u00e1gina est\u00e9 completamente cargada. Esta vulnerabilidad permite a los atacantes adquirir informaci\u00f3n confidencial como contrase\u00f1as, tokens de autenticaci\u00f3n, nombres de usuario, etc. La vulnerabilidad se solucion\u00f3 en la versi\u00f3n 6.6.244.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"cve@rapid7.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N\",\"baseScore\":3.3,\"baseSeverity\":\"LOW\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":1.8,\"impactScore\":1.4},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N\",\"baseScore\":3.3,\"baseSeverity\":\"LOW\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":1.8,\"impactScore\":1.4}]},\"weaknesses\":[{\"source\":\"cve@rapid7.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-598\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-Other\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rapid7:insightvm:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"6.6.244\",\"matchCriteriaId\":\"8177A151-3A50-4F73-A42B-03EF30A5F660\"}]}]}],\"references\":[{\"url\":\"https://docs.rapid7.com/release-notes/insightvm/20240327/\",\"source\":\"cve@rapid7.com\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://docs.rapid7.com/release-notes/insightvm/20240327/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Release Notes\"]}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://docs.rapid7.com/release-notes/insightvm/20240327/\", \"tags\": [\"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-01T19:25:41.647Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-2745\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-07-10T13:16:08.065185Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-07-10T13:16:12.979Z\"}}], \"cna\": {\"title\": \"Rapid7 InsightVM Sensitive Information Exposure via URL\", \"source\": {\"discovery\": \"UNKNOWN\"}, \"credits\": [{\"lang\": \"en\", \"type\": \"finder\", \"value\": \"Sreenath Raghunath (Fireware LLC UAE, OMAN)\"}], \"metrics\": [{\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 3.3, \"attackVector\": \"LOCAL\", \"baseSeverity\": \"LOW\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"NONE\", \"privilegesRequired\": \"LOW\", \"confidentialityImpact\": \"LOW\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"vendor\": \"Rapid7\", \"product\": \"InsightVM\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"6.6.244\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unaffected\"}], \"datePublic\": \"2024-03-27T15:00:00.000Z\", \"references\": [{\"url\": \"https://docs.rapid7.com/release-notes/insightvm/20240327/\"}], \"x_generator\": {\"engine\": \"Vulnogram 0.1.0-dev\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"Rapid7\u0027s InsightVM maintenance mode login page suffers from a sensitive information exposure vulnerability whereby, sensitive information is exposed through query strings in the URL when login is attempted before the page is fully loaded.\\u00a0 This vulnerability allows attackers to acquire sensitive information such as passwords, auth tokens, usernames etc.\\u00a0\\u00a0\\n\\u00a0\\nThe vulnerability is remediated in version 6.6.244.\\u00a0\\n\\n\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"Rapid7\u0027s InsightVM maintenance mode login page suffers from a sensitive information exposure vulnerability whereby, sensitive information is exposed through query strings in the URL when login is attempted before the page is fully loaded.\u0026nbsp; This vulnerability allows attackers to acquire sensitive information such as passwords, auth tokens, usernames etc.\u0026nbsp;\u0026nbsp;\u003cspan style=\\\"background-color: rgb(255, 255, 255);\\\"\u003e\u003cbr\u003e\u0026nbsp;\u003cbr\u003eThe vulnerability is remediated in version 6.6.244.\u0026nbsp;\u003cbr\u003e\u003cbr\u003e\u003c/span\u003e\u003cbr\u003e\", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-598\", \"description\": \"CWE-598\"}]}], \"providerMetadata\": {\"orgId\": \"9974b330-7714-4307-a722-5648477acda7\", \"shortName\": \"rapid7\", \"dateUpdated\": \"2024-04-02T09:51:52.370Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2024-2745\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2024-08-01T19:25:41.647Z\", \"dateReserved\": \"2024-03-20T14:46:17.613Z\", \"assignerOrgId\": \"9974b330-7714-4307-a722-5648477acda7\", \"datePublished\": \"2024-04-02T09:51:52.370Z\", \"assignerShortName\": \"rapid7\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.