{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-21T07:17:15.446","vulnerabilities":[{"cve":{"id":"CVE-2024-43779","sourceIdentifier":"talos-cna@cisco.com","published":"2025-02-06T17:15:19.160","lastModified":"2025-09-05T17:44:10.310","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"An information disclosure vulnerability exists in the Vault API functionality of ClearML Enterprise Server 3.22.5-1533. A specially crafted HTTP request can lead to reading vaults that have been previously disabled, possibly leaking sensitive credentials. An attacker can send a series of HTTP requests to trigger this vulnerability."},{"lang":"es","value":"Existe una vulnerabilidad de divulgación de información en la funcionalidad Vault API de ClearML Enterprise Server 3.22.5-1533. Una solicitud HTTP especialmente manipulada puede provocar la lectura de bóvedas que se han deshabilitado previamente, lo que puede provocar la filtración de credenciales confidenciales. Un atacante puede enviar una serie de solicitudes HTTP para activar esta vulnerabilidad."}],"metrics":{"cvssMetricV31":[{"source":"talos-cna@cisco.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N","baseScore":7.7,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.1,"impactScore":4.0},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":3.6}]},"weaknesses":[{"source":"talos-cna@cisco.com","type":"Secondary","description":[{"lang":"en","value":"CWE-200"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-522"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:clear:clearml_enterprise_server:3.22.5-1533:*:*:*:*:*:*:*","matchCriteriaId":"BAF76DBA-9034-4A07-B0EE-00A04B71EC06"}]}]}],"references":[{"url":"https://talosintelligence.com/vulnerability_reports/TALOS-2024-2112","source":"talos-cna@cisco.com","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.talosintelligence.com/vulnerability_reports/TALOS-2024-2112","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}}]}