Enhancement: misconfiguration/openbmcs/openbmcs-secret-disclosure.yaml by md
parent
9d16e0c7ee
commit
783914f71c
|
@ -1,12 +1,16 @@
|
|||
id: openbmcs-secret-disclosure
|
||||
|
||||
info:
|
||||
name: OpenBMCS 2.4 Secrets Disclosure
|
||||
name: OpenBMCS 2.4 - Information Disclosure
|
||||
author: dhiyaneshDK
|
||||
severity: high
|
||||
description: The application allows directory listing and information disclosure of some sensitive files that can allow an attacker to leverage the disclosed information and gain full BMS access
|
||||
description: OpenBMCS 2.4 contains an information disclosure vulnerability. The application allows directory listing and exposure of some sensitive files, which can allow an attacker to leverage the disclosed information and gain full access.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/50671
|
||||
classification:
|
||||
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
|
||||
cvss-score: 7.5
|
||||
cwe-id: CWE-200
|
||||
metadata:
|
||||
shodan-query: http.favicon.hash:1550906681
|
||||
tags: misconfig,edb,openbmcs
|
||||
|
@ -27,3 +31,5 @@ requests:
|
|||
- type: status
|
||||
status:
|
||||
- 200
|
||||
|
||||
# Enhanced by md on 2023/03/10
|
||||
|
|
Loading…
Reference in New Issue