A data exposure flaw was found in Tower, where sensitive data was revealed from the HTTP return error codes. This flaw allows an unauthenticated, remote attacker to retrieve pages from the default organization and verify existing usernames. The highest threat from this vulnerability is to data confidentiality.
References
Link | Resource |
---|---|
https://bugzilla.redhat.com/show_bug.cgi?id=1859139 | Issue Tracking Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: redhat
Published: 2020-07-31T12:42:55
Updated: 2020-07-31T12:42:55
Reserved: 2020-06-17T00:00:00
Link: CVE-2020-14337
JSON object: View
NVD Information
Status : Analyzed
Published: 2020-07-31T13:15:12.537
Modified: 2020-08-11T17:03:47.937
Link: CVE-2020-14337
JSON object: View
Redhat Information
No data.
CWE