CVE-2008-3717

Publication date

2008-08-19 19:10:00

Family

mitre

State

PUBLISHED

Description

Harmoni before 1.6.0 does not require administrative privileges to list (1) user names or (2) asset ids, which allows remote attackers to obtain sensitive information.