Lucene search
+L

4 matches found

RedhatCVE
RedhatCVE
added 2026/01/07 9:27 a.m.12 views

CVE-2019-12452

types/types.go in Containous Traefik 1.7.x through 1.7.11, when the --api flag is used and the API is publicly reachable and exposed without sufficient access control which is contrary to the API documentation, allows remote authenticated users to discover password hashes by reading the Basic HTT...

7.5CVSS6.8AI score0.0259EPSS
Exploits1References1
OSV
OSV
added 2019/05/29 7:29 p.m.16 views

CVE-2019-12452

types/types.go in Containous Traefik 1.7.x through 1.7.11, when the --api flag is used and the API is publicly reachable and exposed without sufficient access control which is contrary to the API documentation, allows remote authenticated users to discover password hashes by reading the Basic HTT...

7.5CVSS6.8AI score
Exploits0References3
Cvelist
Cvelist
added 2019/05/29 6:43 p.m.26 views

CVE-2019-12452

types/types.go in Containous Traefik 1.7.x through 1.7.11, when the --api flag is used and the API is publicly reachable and exposed without sufficient access control which is contrary to the API documentation, allows remote authenticated users to discover password hashes by reading the Basic HTT...

7.4AI score0.0259EPSS
Exploits1References3
CVE
CVE
added 2019/05/29 6:43 p.m.145 views

CVE-2019-12452

CVE-2019-12452 affects Containous Traefik 1.7.x (1.7.11 and earlier). When --api is enabled and publicly reachable with insufficient access control, remote authenticated users can read the JSON response of /api to discover password hashes from Basic/Digest HTTP Authentication and can read a Clien...

7.5CVSS7.3AI score0.0259EPSS
Exploits1References3Affected Software1
Rows per page
Query Builder