← voltar
CVE-2023-32550

Landscape's Apache server-status is accessible by default

CVSS 9.3 CRITICALEPSS 0.4%CWE-497
Landscape's server-status page exposed sensitive system information. This data leak included GET requests which contain information to attack and leak further information from the Landscape API.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:N
Produtos afetados
Canonical Ltd. · Landscape

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://bugs.launchpad.net/landscape/+bug/1929037