Information disclosure in Searchblox
CVE-2015-0969
SearchBlox before 8.2 allows remote attackers to obtain sensitive information via a pretty=true action to the _cluster/health URI.
Vulnerability class: Information Disclosure
EPSS: 0.137 (96.0th percentile) — read the EPSS interpretation.
Affected products
- Searchblox
- N/a — versions n/a
Weakness classification (CWE)
References
- cret@cert.org (US Government Resource, x_refsource_CERT-VN, Third Party Advisory, third-party-advisory)