8.2 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N
7.6 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
39.9%
Information exposure vulnerability in IBERMATICA RPS 2019, which exploitation could allow an unauthenticated user to retrieve sensitive information, such as usernames, IP addresses or SQL queries sent to the application. By accessing the URL /RPS2019Service/status.html, the application enables the logging mechanism by generating the log file, which can be downloaded.
CPE | Name | Operator | Version |
---|---|---|---|
ayesa:ibermatica_rps | ayesa ibermatica rps | eq | 2019 |
[
{
"defaultStatus": "unaffected",
"product": "IBERMATICA RPS 2019",
"vendor": "IBERMATICA",
"versions": [
{
"status": "affected",
"version": "RPS 2019"
}
]
}
]
8.2 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N
7.6 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
39.9%