5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
0.006 Low
EPSS
Percentile
78.4%
A Bugzilla Security Advisory reports:
When a bug is in a group, none of its information
(other than its status and resolution) should be visible
to users outside that group. It was discovered that
as of 3.3.2, Bugzilla was showing the alias of the bug
(a very short string used as a shortcut for looking up
the bug) to users outside of the group, if the protected
bug ended up in the “Depends On” or “Blocks” list of any
other bug.