Summary

Acunetix 360 identified a UNC server and share disclosure.

Impact

An attacker can perform brute-force or dictionary-based password guessing on the disclosed username. It may also help the attacker identify other vulnerabilities or further their exploitation of other identified vulnerabilities.

Remediation

  • Remove this kind of sensitive data from the output.

Severity

Information

Classification

CWE-16 ISO27001-A.18.1.3 WASC-15 OWASP 2013-A5 OWASP 2017-A6 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N