This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.

Metrics

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Affected Vendors & Products

No data.

No data.

No data.

References

No reference.

History

Wed, 14 Aug 2024 02:30:00 +0000

Type Values Removed Values Added
Title Soar Cloud HR Portal - Cleartext Transmission of Sensitive Information
Weaknesses CWE-319
References
Metrics cvssV3_1

{'score': 8.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H'}

Wed, 14 Aug 2024 02:00:00 +0000

Type Values Removed Values Added
Description The notification emails sent by Soar Cloud HR Portal contain a link with a embedded session. These emails are sent without using an encrypted transmission protocol. If an attacker intercepts the packets, they can obtain the plaintext session information and use it to log into the system. This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
cve-icon MITRE

Status: REJECTED

Assigner: twcert

Published: 2024-06-14T08:22:11.671Z

Updated: 2024-08-14T01:39:58.883Z

Reserved: 2024-06-14T06:53:32.217Z

Link: CVE-2024-5996

cve-icon Vulnrichment

Updated:

cve-icon NVD

Status : Rejected

Published: 2024-06-14T09:15:11.010

Modified: 2024-08-14T02:15:04.567

Link: CVE-2024-5996

cve-icon Redhat

No data.