Zitadel is an open source identity management system. In case ZITADEL could not connect to the database, connection information including db name, username and db host name could be returned to the user. This has been addressed in all supported release branches in a point release. There is no workaround since a patch is already available. Users are advised to upgrade.
References
Configurations
No configuration.
History
No history.
Information
Published : 2024-05-01 07:15
Updated : 2024-05-01 13:01
NVD link : CVE-2024-32967
Mitre link : CVE-2024-32967
CVE.ORG link : CVE-2024-32967
JSON object : View
Products Affected
No product.
CWE
CWE-200
Exposure of Sensitive Information to an Unauthorized Actor