Exposure of Sensitive Information to an Unauthorized Actor in Copilot Studio allows a unauthenticated attacker to view sensitive information through network attack vector
History

Wed, 09 Oct 2024 17:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Wed, 09 Oct 2024 16:45:00 +0000

Type Values Removed Values Added
Description Exposure of Sensitive Information to an Unauthorized Actor in Copilot Studio allows a unauthenticated attacker to view sensitive information through network attack vector
Title Copilot Studio Information Disclosure Vulnerability
First Time appeared Microsoft
Microsoft copilot Studio
Weaknesses CWE-200
CPEs cpe:2.3:a:microsoft:copilot_studio:*:*:*:*:*:*:*:*
Vendors & Products Microsoft
Microsoft copilot Studio
References
Metrics cvssV3_1

{'score': 7.4, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C'}


cve-icon MITRE

Status: PUBLISHED

Assigner: microsoft

Published: 2024-10-09T16:26:05.321Z

Updated: 2024-11-12T17:22:38.753Z

Reserved: 2024-08-14T01:08:33.552Z

Link: CVE-2024-43610

cve-icon Vulnrichment

Updated: 2024-10-09T16:45:19.191Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2024-10-09T17:15:19.397

Modified: 2024-10-10T12:51:56.987

Link: CVE-2024-43610

cve-icon Redhat

No data.