Dapr dashboard is vulnerable to information disclosure. The vulnerability is due to the dashboard’s access control not being properly configured, resulting in an attacker gaining access to obtain sensitive plaintext configuration of redis, mongodb, rabbitmq and other applications on the cloud.