CVE-2023-3349
CVSS V2 None
CVSS V3 None
Description
Information exposure vulnerability in IBERMATICA RPS 2019, which exploitation could allow an unauthenticated user to retrieve sensitive information, such as usernames, IP addresses or SQL queries sent to the application. By accessing the URL /RPS2019Service/status.html, the application enables the logging mechanism by generating the log file, which can be downloaded.
Overview
- CVE ID
- CVE-2023-3349
- Assigner
- INCIBE
- Vulnerability Status
- PUBLISHED
- Published Version
- 2023-10-03T13:24:44.830Z
- Last Modified Date
- 2023-10-03T13:24:44.830Z
Weakness Enumerations
References
| Reference URL | Reference Tags |
|---|---|
| https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-ibermatica-rps-2019 |
Sources
| Source Name | Source URL |
|---|---|
| NIST | https://nvd.nist.gov/vuln/detail/CVE-2023-3349 |
| MITRE | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3349 |
History
| Created | Old Value | New Value | Data Type | Notes |
|---|---|---|---|---|
| 2024-06-24 20:45:08 | Added to TrackCVE |