CVE-2023-32550

Опубликовано: 06 июн. 2023

Источник: nvd

CVSS3: 9.3

CVSS3: 8.2

EPSS Низкий

Описание

Landscape's server-status page exposed sensitive system information. This data leak included GET requests which contain information to attack and leak further information from the Landscape API.

Ссылки

https://bugs.launchpad.net/landscape/+bug/1929037
Issue Tracking
Mitigation
Vendor Advisory
https://bugs.launchpad.net/landscape/+bug/1929037
Issue Tracking
Mitigation
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:canonical:landscape:*:*:*:*:*:*:*:*

Версия до 19.10.5 (исключая)

EPSS

Процентиль: 38%

0.00168

Низкий

9.3 Critical

CVSS3

8.2 High

CVSS3

Дефекты

CWE-497

CWE-668

Связанные уязвимости

GHSA-qx9h-hx3f-jr6w

CVSS3: 9.3

github

больше 2 лет назад

Landscape's server-status page exposed sensitive system information. This data leak included GET requests which contain information to attack and leak further information from the Landscape API.

EPSS

Процентиль: 38%

0.00168

Низкий

9.3 Critical

CVSS3

8.2 High

CVSS3

Дефекты

CWE-497

CWE-668