Lucene search
HistoryJul 30, 2014 - 2:55 p.m.
CVE-2014-2356
cve-2014-2356
innominate mguard
snapshot downloads
unauthenticated access
sensitive information
https
nvd
6.6 Medium
AI Score
Confidence
Low
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
0.018 Low
EPSS
Percentile
88.1%
Innominate mGuard before 7.6.4 and 8.x before 8.0.3 does not require authentication for snapshot downloads, which allows remote attackers to obtain sensitive information via a crafted HTTPS request.
Related
prion
prion
Cross site request forgery (csrf)
2014-07-30 14:55:00
cvelist
cvelist
CVE-2014-2356
2014-07-30 14:00:00
ics
ics
Innominate mGuard Unauthorized Leakage of System Data
2018-09-06 12:00:00
6.6 Medium
AI Score
Confidence
Low
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
0.018 Low
EPSS
Percentile
88.1%
Related for CVE-2014-2356