Описание
It has been discovered in redhat-certification that any unauthorized user may download any file under /var/www/rhcert, provided they know its name. Red Hat Certification 6 and 7 is vulnerable to this issue.
Ссылки
- Issue TrackingVendor Advisory
- Issue TrackingVendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одновременно
cpe:2.3:a:redhat:certification:-:*:*:*:*:*:*:*
Одно из
cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
EPSS
Процентиль: 39%
0.00179
Низкий
5.3 Medium
CVSS3
5 Medium
CVSS2
Дефекты
CWE-552
Связанные уязвимости
CVSS3: 5.3
redhat
больше 7 лет назад
It has been discovered in redhat-certification that any unauthorized user may download any file under /var/www/rhcert, provided they know its name. Red Hat Certification 6 and 7 is vulnerable to this issue.
github
больше 3 лет назад
It has been discovered in redhat-certification that any unauthorized user may download any file under /var/www/rhcert, provided they know its name. Red Hat Certification 6 and 7 is vulnerable to this issue.
EPSS
Процентиль: 39%
0.00179
Низкий
5.3 Medium
CVSS3
5 Medium
CVSS2
Дефекты
CWE-552