Lucene search
MicrosoftVULNRICHMENT:CVE-2024-30054HistoryMay 14, 2024 - 4:57 p.m.
CVE-2024-30054 Microsoft Power BI Client JavaScript SDK Information Disclosure Vulnerability
2024-05-1416:57:32
CWE-20
microsoft
github.com
8
cve-2024-30054
microsoft power bi
client
javascript sdk
information disclosure
vulnerability
CVSS3
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
AI Score
6.8
Confidence
Low
EPSS
0.001
Percentile
37.9%
SSVC
Exploitation
none
Automatable
no
Technical Impact
partial
CNA Affected
[
{
"cpes": [
"cpe:2.3:a:microsoft:powerbi-client_js_sdk:*:*:*:*:*:*:*:*"
],
"vendor": "Microsoft",
"product": "PowerBI-client JS SDK",
"versions": [
{
"status": "affected",
"version": "2.0.0",
"lessThan": "2.23.1",
"versionType": "custom"
}
],
"platforms": [
"Unknown"
]
}
]Related
github
github
nvd
nvd
CVE-2024-30054
2024-05-14 17:17:22
veracode
veracode
Information Disclosure
2024-05-17 06:36:02
mscve
mscve
cve
cve
CVE-2024-30054
2024-05-14 17:17:22
osv
osv
cvelist
cvelist
nessus
nessus
NuGet Package 'Microsoft.PowerBI.JavaScript' < 2.23.1 Information Disclosure
2024-05-15 00:00:00
rapid7blog
rapid7blog
Patch Tuesday - May 2024
2024-05-14 20:25:36
CVSS3
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
AI Score
6.8
Confidence
Low
EPSS
0.001
Percentile
37.9%
SSVC
Exploitation
none
Automatable
no
Technical Impact
partial
Related for VULNRICHMENT:CVE-2024-30054