|
|||
Rule General Information |
---|
Release Date: | 2018-11-05 | |
Rule Name: | Geutebrueck re_porter 7.8.974.20 Information Disclosure Vulnerability(CVE-2018-15534) | |
Severity: | ||
CVE ID: | ||
Rule Protection Details |
---|
Description: | Geutebrueck re_porter 16 before 7.8.974.20 has a possibility of unauthenticated access to sensitive information including usernames and hashes via a direct request for /statistics/gscsetup.xml on TCP port 12003. | |
Impact: | An attacker can abtain sensitive information of the target victim, and do malicious actions to gain profits using the information. | |
Affected OS: | Network Device, Solaris, FreeBSD, Windows, Mac OS, iOS, Other Unix, Linux, Others, Android | |
Reference: | http://packetstormsecurity.com/files/149002/Geutebruck-re_porter-16-Credential-Disclosure.html ExploitDB:45240 |
|
Solutions |
---|
Upgrading to version 7.8.974.20 eliminates this vulnerability. |