RSS   Vulnerabilities for 'Idashboards'   RSS

2018-02-17
 
CVE-2018-7211

CWE-200
 

 
An issue was discovered in iDashboards 9.6b. The SSO implementation is affected by a weak obfuscation library, allowing man-in-the-middle attackers to discover credentials.

 
 
CVE-2018-7210

CWE-200
 

 
An issue was discovered in iDashboards 9.6b. It allows remote attackers to obtain sensitive information via a direct request for the idb/config?CMD=installLicense URI, as demonstrated by intranet IP addresses and names of guest accounts.

 
 
CVE-2018-7209

CWE-200
 

 
An issue was discovered in iDashboards 9.6b. It allows remote attackers to obtain sensitive information via a direct request for the idashboards/config.xml URI, as demonstrated by intranet URLs for reports.

 


Copyright 2024, cxsecurity.com

 

Back to Top