CVE-2024-35371

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Nov 29, 2024
Updated: Dec 2, 2024
CWE ID 125

Summary

CVE-2024-35371 is a vulnerability affecting Ant-Media-Server version 2.8.2. This issue involves improper output neutralization for logs, leading to insufficient input sanitization in the logging mechanism. As a result, user-controllable data, including identifiers and sensitive information, can be included in log entries without restriction, potentially exposing sensitive data to unauthorized users. This vulnerability poses a significant risk to organizations using Ant-Media-Server and emphasizes the importance of implementing proper filtering and validation measures in logging mechanisms.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share