MidnightBSD

Advisories for zowe

CVE-2024-6916

A vulnerability in Zowe CLI allows local, privileged actors to display securely stored properties in cleartext within a terminal using the '--show-inputs-only' flag.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
zowe-security@lists.openmainframeproject.org 5.9 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:N 1.5 4.0

Products Affected

Vendor Product Version
zowe zowe_cli *