What the vulnerability does
01Description
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in NordicMade Savoy savoy allows Retrieve Embedded Sensitive Data.This issue affects Savoy: from n/a through <= 3.0.8.
CVSS base score
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
What the vulnerability does
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in NordicMade Savoy savoy allows Retrieve Embedded Sensitive Data.This issue affects Savoy: from n/a through <= 3.0.8.
Explanation of Vulnerability in Simple Terms
Savoy versions 3.0.8 and earlier expose sensitive information to unauthenticated network attackers. The vulnerability allows reading of confidential data without requiring user interaction or special network conditions. No integrity or availability impact is present. Update to a version newer than 3.0.8.
What an attacker can do
Read sensitive information from the application without authentication.
Potential impact on your site
Confidential data may be exposed to anyone on the internet who discovers the vulnerability.
Conditions required to exploit
Network access only; no authentication or user interaction required.
Key dates
External resources