exploitDog

GHSA-cfhf-797j-qrrq

Опубликовано: 02 мая 2022

Источник: github

Github: Не прошло ревью

Описание

Harmoni before 1.6.0 does not require administrative privileges to list (1) user names or (2) asset ids, which allows remote attackers to obtain sensitive information.

Harmoni before 1.6.0 does not require administrative privileges to list (1) user names or (2) asset ids, which allows remote attackers to obtain sensitive information.

Ссылки

EPSS

Процентиль: 57%

0.00357

Низкий

CVE ID

Связанные уязвимости

CVE-2008-3717

nvd

больше 17 лет назад

Harmoni before 1.6.0 does not require administrative privileges to list (1) user names or (2) asset ids, which allows remote attackers to obtain sensitive information.

EPSS

Процентиль: 57%

0.00357

Низкий

CVE ID