Summary
The host is installed with DotNetNuke and is prone to Information Disclosure Vulnerability.
Impact
Successful exploitation will let the attacker obtain sensitive information and attacker can use this information for further attacks.
Impact Level: System/Application
Solution
Update to version 5.2.0 or later,
For updates refer to http://www.dotnetnuke.com/
Insight
The flaw exists due to install wizard insecurely displaying certain pages containing version information to an anonymous user.
Affected
DotNetNuke versions 4.0 through 5.1.4 on all running platforms.
References
Severity
Classification
-
CVE CVE-2009-4109 -
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:P/I:N/A:N
Related Vulnerabilities