|
|
|||
| Rule General Information |
|---|
| Release Date: | 2018-11-05 | |
| Rule Name: | Geutebrueck re_porter 7.8.974.20 Information Disclosure Vulnerability(CVE-2018-15534) | |
| Severity: | ||
| CVE ID: | ||
| Rule Protection Details |
|---|
| Description: | Geutebrueck re_porter 16 before 7.8.974.20 has a possibility of unauthenticated access to sensitive information including usernames and hashes via a direct request for /statistics/gscsetup.xml on TCP port 12003. | |
| Impact: | An attacker can abtain sensitive information of the target victim, and do malicious actions to gain profits using the information. | |
| Affected OS: | Network Device, Solaris, FreeBSD, Windows, Mac OS, iOS, Other Unix, Linux, Others, Android | |
| Reference: | http://packetstormsecurity.com/files/149002/Geutebruck-re_porter-16-Credential-Disclosure.html ExploitDB:45240 |
|
| Solutions |
|---|
| Upgrading to version 7.8.974.20 eliminates this vulnerability. |