Generation of Error Message Containing Sensitive Information
CVE-2024-23689
Summary
ClickHouse prior to v0.4.6 is vulnerable to client certificate password exposure in client exception.
- LOW
- NETWORK
- HIGH
- UNCHANGED
- NONE
- LOW
- HIGH
- HIGH
CWE-209 - Generation of Error Message Containing Sensitive Information
The software generates an error message that includes sensitive information about its environment, users, or associated data.
References
Advisory Timeline
- Published
