GroundWork Monitor Enterprise File 'Nagios-App' Component Information Disclosure Vulnerability
BID:58410
Info
GroundWork Monitor Enterprise File 'Nagios-App' Component Information Disclosure Vulnerability
| Bugtraq ID: | 58410 |
| Class: | Design Error |
| CVE: |
CVE-2013-3505 |
| Remote: | Yes |
| Local: | No |
| Published: | Mar 06 2013 12:00AM |
| Updated: | May 09 2013 12:22PM |
| Credit: | Johannes Greil, SEC Consult Vulnerability Lab |
| Vulnerable: | |
| Not Vulnerable: | |
Discussion
GroundWork Monitor Enterprise File 'Nagios-App' Component Information Disclosure Vulnerability
The Nagios-App component of GroundWork Monitor Enterprise is prone to an information-disclosure vulnerability.
Exploiting this issue may allow an attacker to obtain sensitive information that may aid in further attacks.
GroundWork Monitor Enterprise 6.7.0 is vulnerable; other versions may also be affected.
The Nagios-App component of GroundWork Monitor Enterprise is prone to an information-disclosure vulnerability.
Exploiting this issue may allow an attacker to obtain sensitive information that may aid in further attacks.
GroundWork Monitor Enterprise 6.7.0 is vulnerable; other versions may also be affected.
Exploit / POC
GroundWork Monitor Enterprise File 'Nagios-App' Component Information Disclosure Vulnerability
Attackers can use a browser to exploit this issue.
Attackers can use a browser to exploit this issue.
Solution / Fix
GroundWork Monitor Enterprise File 'Nagios-App' Component Information Disclosure Vulnerability
Solution:
Currently we are not aware of any vendor-supplied patches. If you feel we are in error or are aware of more recent information, please mail us at: [email protected].
Solution:
Currently we are not aware of any vendor-supplied patches. If you feel we are in error or are aware of more recent information, please mail us at: [email protected].
References
GroundWork Monitor Enterprise File 'Nagios-App' Component Information Disclosure Vulnerability
References:
References: