exploitDog

GHSA-2v43-c695-wqxw

Опубликовано: 02 мая 2022

Источник: github

Github: Не прошло ревью

Описание

Cisco ACE XML Gateway (AXG) and ACE Web Application Firewall (WAF) before 6.1 allow remote attackers to obtain sensitive information via an HTTP request that lacks a handler, as demonstrated by (1) an OPTIONS request or (2) a crafted GET request, leading to a Message-handling Errors message containing a certain client intranet IP address, aka Bug ID CSCtb82159.

Cisco ACE XML Gateway (AXG) and ACE Web Application Firewall (WAF) before 6.1 allow remote attackers to obtain sensitive information via an HTTP request that lacks a handler, as demonstrated by (1) an OPTIONS request or (2) a crafted GET request, leading to a Message-handling Errors message containing a certain client intranet IP address, aka Bug ID CSCtb82159.

Ссылки

EPSS

Процентиль: 95%

0.15594

Средний

CVE ID

Дефекты

CWE-200

Связанные уязвимости

CVE-2009-3457

nvd

больше 16 лет назад

Cisco ACE XML Gateway (AXG) and ACE Web Application Firewall (WAF) before 6.1 allow remote attackers to obtain sensitive information via an HTTP request that lacks a handler, as demonstrated by (1) an OPTIONS request or (2) a crafted GET request, leading to a Message-handling Errors message containing a certain client intranet IP address, aka Bug ID CSCtb82159.

EPSS

Процентиль: 95%

0.15594

Средний

CVE ID

Дефекты

CWE-200