exploitDog

GHSA-j4vh-r4c7-fpmx

Опубликовано: 26 апр. 2023

Источник: github

Github: Не прошло ревью

CVSS3: 6.5

Описание

Northern.tech CFEngine Enterprise before 3.21.1 allows a subset of authenticated users to leverage the Scheduled Reports feature to read arbitrary files and potentially discover credentials.

Northern.tech CFEngine Enterprise before 3.21.1 allows a subset of authenticated users to leverage the Scheduled Reports feature to read arbitrary files and potentially discover credentials.

Ссылки

EPSS

Процентиль: 55%

0.00326

Низкий

6.5 Medium

CVSS3

CVE ID

Дефекты

CWE-203

Связанные уязвимости

CVE-2023-26560

CVSS3: 6.5

nvd

почти 3 года назад

Northern.tech CFEngine Enterprise before 3.21.1 allows a subset of authenticated users to leverage the Scheduled Reports feature to read arbitrary files and potentially discover credentials.

EPSS

Процентиль: 55%

0.00326

Низкий

6.5 Medium

CVSS3

CVE ID

Дефекты

CWE-203