Netmechanica NetDecision Dashboard Server Information Disclosure Vulnerability
BID:52645
Info
Netmechanica NetDecision Dashboard Server Information Disclosure Vulnerability
| Bugtraq ID: | 52645 |
| Class: | Input Validation Error |
| CVE: |
CVE-2012-1464 |
| Remote: | Yes |
| Local: | No |
| Published: | Mar 21 2012 12:00AM |
| Updated: | Mar 21 2012 12:00AM |
| Credit: | Prabhu S Angadi of SecPod Research Team |
| Vulnerable: |
NetMechanica NetDecision 4.5.1 |
| Not Vulnerable: |
NetMechanica NetDecision 4.6.1 |
Discussion
Netmechanica NetDecision Dashboard Server Information Disclosure Vulnerability
Netmechanica NetDecision Dashboard Server is prone to an information-disclosure vulnerability.
An attacker can exploit this vulnerability to obtain sensitive information; this may aid in further attacks.
NetDecision 4.5.1 is vulnerable; other versions may also be affected.
Netmechanica NetDecision Dashboard Server is prone to an information-disclosure vulnerability.
An attacker can exploit this vulnerability to obtain sensitive information; this may aid in further attacks.
NetDecision 4.5.1 is vulnerable; other versions may also be affected.
Exploit / POC
Netmechanica NetDecision Dashboard Server Information Disclosure Vulnerability
Attackers can exploit this issue through a browser.
The following exploit code is available:
Attackers can exploit this issue through a browser.
The following exploit code is available:
Solution / Fix
Netmechanica NetDecision Dashboard Server Information Disclosure Vulnerability
Solution:
Vendor updates are available. Please see the references for more information.
Solution:
Vendor updates are available. Please see the references for more information.
References
Netmechanica NetDecision Dashboard Server Information Disclosure Vulnerability
References:
References:
- NetDecision Homepage (NetMechanica)
- Netmechanica NetDecision Dashboard Server Information Disclosure Vulnerability (Secpod)