CVE-2017-15937

Publication date

2017-10-27 20:00:00

Family

mitre

State

PUBLISHED

Description

Artica Pandora FMS version 7.0 leaks a full installation pathname via GET data when intercepting the main pages graph requisition. This also implies that general OS information is leaked (e.g., a /var/www pathname typically means Linux or UNIX).