Netmechanica NetDecision Dashboard Server Information Disclosure Vulnerability Network Vulnerability

Summary

This host is running NetDecision Dashboard Server and is prone to information disclosure vulnerability.

Impact

Successful exploitation will allow attackers to gain sensitive information. Impact Level: Application

Solution

Upgrade to NetDecision Dashboard Server 4.6.1 or later, For updates refer to http://www.netmechanica.com/downloads/

Insight

The flaw is due to an improper validation of malicious HTTP request appended with '?' character, which discloses the Dashboard server's web script physical path.

Affected

NetDecision Dashboard Server version 4.5.1

References

http://www.exploit-db.com/exploits/18543/

Updated on 2017-03-28

Severity

Classification

CVE CVE-2012-1464

CVSS	Base Score: 5.0 AV:N/AC:L/Au:N/C:P/I:N/A:N

Related Vulnerabilities

Apple iTunes Tutorials Window Security Bypass Vulnerability (Windows)
Apple Safari Webcore Webkit 'XSSAuditor.cpp' XSS Vulnerability (Windows)
Adobe Reader 'file://' URL Information Disclosure Vulnerability Feb07 (Windows)
Adobe Reader Unspecified Vulnerability (Windows)
Adobe Reader 'file://' URL Information Disclosure Vulnerability Feb07 (Linux)

Take action and discover your vulnerabilities