2 matches found
Missing Authentication
Glances is vulnerable to Missing Authentication. The vulnerability is due to the web server running without authentication by default glances -w, exposing REST API endpoints that return sensitive system information, including process command-lines containing credentials, to any network client...
Glances exposes the REST API without authentication
Summary Glances web server runs without authentication by default when started with glances -w, exposing REST API with sensitive system information including process command-lines containing credentials passwords, API keys, tokens to any network client. Details Root Cause: Authentication is...