Lucene search
HistoryMay 14, 2024 - 5:17 p.m.
CVE-2024-30054
cve-2024-30054
nvd
information disclosure
power bi
javascript sdk
microsoft
6.5 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
6.3 Medium
AI Score
Confidence
Low
0.001 Low
EPSS
Percentile
38.1%
Microsoft Power BI Client JavaScript SDK Information Disclosure Vulnerability
Affected configurations
Node
microsoftclient_js_sdkRange2.0.0–2.23.1
| Vendor | Product | Version | CPE |
|---|---|---|---|
| microsoft | client_js_sdk | * | cpe:2.3:a:microsoft:client_js_sdk:*:*:*:*:*:*:*:* |
CNA Affected
[
{
"vendor": "Microsoft",
"product": "PowerBI-client JS SDK",
"cpes": [
"cpe:2.3:a:microsoft:powerbi-client_js_sdk:*:*:*:*:*:*:*:*"
],
"platforms": [
"Unknown"
],
"versions": [
{
"version": "2.0.0",
"lessThan": "2.23.1",
"versionType": "custom",
"status": "affected"
}
]
}
]Related
github
github
cvelist
cvelist
osv
osv
nessus
nessus
NuGet Package 'Microsoft.PowerBI.JavaScript' < 2.23.1 Information Disclosure
2024-05-15 00:00:00
vulnrichment
vulnrichment
veracode
veracode
Information Disclosure
2024-05-17 06:36:02
nvd
nvd
CVE-2024-30054
2024-05-14 17:17:22
mscve
mscve
rapid7blog
rapid7blog
Patch Tuesday - May 2024
2024-05-14 20:25:36
6.5 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
6.3 Medium
AI Score
Confidence
Low
0.001 Low
EPSS
Percentile
38.1%
Related for CVE-2024-30054