CVE-2018-10863

CVE-2018-10863

Vendor N/A
Product redhat-certification
Weakness CWE-552 · Files accessible externally
Published May 26, 2021
Last update August 5, 2024

CVSS base score

What the vulnerability does

01Description

It was discovered that redhat-certification 7 is not properly configured and it lists all files and directories in the /var/www/rhcert/store/transfer directory, through the /rhcert-transfer URL. An unauthorized attacker may use this flaw to gather sensible information.

Key dates

02Disclosure timeline

May 26, 2021 CVE published
August 5, 2024 Record updated