CVE-2024-36464
LOWDescription
When exporting media types, the password is exported in the YAML in plain text. This appears to be a best practices type issue and may have no actual impact. The user would need to have permissions to access the media types and therefore would be expected to have access to these passwords.
CVSS v3.1 Score
Weakness Type (CWE)
Affected Products
| Vendor | Product |
|---|---|
| zabbix | zabbix |
| zabbix | zabbix |
References
Advisories & Patches
Other References
Frequently Asked Questions
What is CVE-2024-36464? +
How severe is CVE-2024-36464? +
What products are affected by CVE-2024-36464? +
How do I check if I'm vulnerable to CVE-2024-36464? +
Related Vulnerabilities
Credentials of built-in users are insecurely stored in the User directory of PcVue projects, all versions prior to 17.0.0. A …
Plaintext Storage of a Password vulnerability in Sparx Systems Pty Ltd. Sparx Pro Cloud Server. In a setup where OpenID …
In WODESYS WD-R608U router (also known as WDR122B V2.0 and WDR28) admin password is stored in configuration file as plaintext …
LITEON IC48A firmware versions prior to 01.00.19r and LITEON IC80A firmware versions prior to 01.01.12e store FTP-server-access-credentials in cleartext in …
Minecraft RCON Terminal is a VS Code extension that streamlines Minecraft server management. Versions 0.1.0 through 2.0.6 stores passwords using …
Plaintext storage of a password vulnerability in ILM Informatique OpenConcerto allows Retrieve Embedded Sensitive Data. This issue affects OpenConcerto: 1.7.5.