CVE - CVE-2024-35371

CVE-ID
CVE-2024-35371	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
Ant-Media-Serverv2.8.2 is affected by Improper Output Neutralization for Logs. The vulnerability stems from insufficient input sanitization in the logging mechanism. Without proper filtering or validation, user-controllable data, such as identifiers or other sensitive information, can be included in log entries without restrictions.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
MISC:https://gist.github.com/1047524396/4eb17867f2e375f4824274c5e7b4d384 MISC:https://github.com/ant-media/Ant-Media-Server/blob/ams-v2.8.2/src/main/java/io/antmedia/rest/RestServiceBase.java#L356 MISC:https://github.com/ant-media/ant-media-server/commit/4d4763bd4fd06e515c19544e5170ca0f34c9ce45
Assigning CNA
MITRE Corporation
Date Record Created
20240517	Disclaimer: The record creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20240517)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an record on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: CVE Request Web Form (select "Other" from dropdown)