Information disclosure in Searchblox

CVE-2015-0969

SearchBlox before 8.2 allows remote attackers to obtain sensitive information via a pretty=true action to the _cluster/health URI.

Vulnerability class: Information Disclosure

EPSS: 0.137 (96.0th percentile) — read the EPSS interpretation.

Affected products

Weakness classification (CWE)

References

  • cret@cert.org (US Government Resource, x_refsource_CERT-VN, Third Party Advisory, third-party-advisory)