CVE-2012-0263

monitor/index.php in op5 Monitor and op5 Appliance before 5.5.1 allows remote authenticated users to obtain sensitive information such as database and user credentials via error messages that are triggered by (1) a malformed hoststatustypes parameter to status/service/all or (2) a crafted request to config.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:op5:monitor:*:*:*:*:*:*:*:*
cpe:2.3:a:op5:monitor:5.3.5:*:*:*:*:*:*:*
cpe:2.3:a:op5:monitor:5.4.0:*:*:*:*:*:*:*
cpe:2.3:a:op5:monitor:5.4.2:*:*:*:*:*:*:*

History

No history.

Information

Published : 2013-12-31 20:55

Updated : 2024-02-04 18:16


NVD link : CVE-2012-0263

Mitre link : CVE-2012-0263

CVE.ORG link : CVE-2012-0263


JSON object : View

Products Affected

op5

  • monitor
CWE
CWE-200

Exposure of Sensitive Information to an Unauthorized Actor