What the vulnerability does

01Description

Unauthenticated users can access sensitive web URLs through GET request, which should be restricted to maintenance users only. A malicious attacker could use this sensitive information’s to launch further attacks on the system.

Key dates

02Disclosure timeline

April 1, 2022 CVE published
August 3, 2024 Record updated

Related vulnerabilities

04Related CVE