Security Advisory

CVE-2023-4595

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2023-11-23 12:38:04

Last updated 2024-08-02 07:31:06

Assigner INCIBE

State PUBLISHED

Description

An information exposure vulnerability has been found, the exploitation of which could allow a remote user to retrieve sensitive information stored on the server such as credential files, configuration files, application files, etc., simply by appending any of the following parameters to the end of the URL: %00 %0a, %20, %2a, %a0, %aa, %c0 and %ca.

← Browse all CVEs View on cve.org ↗