CVE-2014-2356

CVE-2014-2356: Innominate mGuard Exposure of Sensitive Information to an Unauthorized Actor

Vendor Innominate
Product mGuard
Weakness CWE-200 · Info exposure
Published July 30, 2014
Last update October 3, 2025

CVSS base score

What the vulnerability does

01Description

Innominate mGuard before 7.6.4 and 8.x before 8.0.3 does not require authentication for snapshot downloads, which allows remote attackers to obtain sensitive information via a crafted HTTPS request.

Key dates

02Disclosure timeline

July 30, 2014 CVE published
October 3, 2025 Record updated