Information exposure vulnerability in IBERMATICA RPS 2019, which exploitation could allow an unauthenticated user to retrieve sensitive information, such as usernames, IP addresses or SQL queries sent to the application. By accessing the URL /RPS2019Service/status.html, the application enables the logging mechanism by generating the log file, which can be downloaded.
References
Link | Resource |
---|---|
https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-ibermatica-rps-2019 | Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: INCIBE
Published: 2023-10-03T13:24:44.830Z
Updated: 2023-10-03T13:24:44.830Z
Reserved: 2023-06-21T11:12:46.069Z
Link: CVE-2023-3349
JSON object: View
NVD Information
Status : Analyzed
Published: 2023-10-03T14:15:10.853
Modified: 2023-10-05T00:59:13.483
Link: CVE-2023-3349
JSON object: View
Redhat Information
No data.