CVE-2008-3717

CVE-2008-3717

EPSS 1.3%

Harmoni before 1.6.0 does not require administrative privileges to list (1) user names or (2) asset ids, which allows remote attackers to obtain sensitive information.

Productos afectados

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

http://secunia.com/advisories/31503 https://exchange.xforce.ibmcloud.com/vulnerabilities/44485 http://sourceforge.net/project/shownotes.php?release_id=619864 http://sourceforge.net/tracker/index.php?func=detail&aid=2040324&group_id=82171&atid=1098812 http://www.securityfocus.com/bid/30706