CVE-2018-1322
CVSS v3.0
4.9 (Medium)
CVSS v2.0
4 (Medium)
EPSS
0.18 % (55th)
Affected Products
1
Advisories
1
An administrator with user search entitlements in Apache Syncope 1.2.x before 1.2.11, 2.0.x before 2.0.8, and unsupported releases 1.0.x and 1.1.x which may be also affected, can recover sensitive security values using the fiql and orderby parameters.
Weaknesses
- CWE-200
- Exposure of Sensitive Information to an Unauthorized Actor
- CVE Status
- PUBLISHED
- CNA
- Apache Software Foundation
- Published Date
-
2018-03-20 17:29:00
(6 years ago) - Updated Date
-
2019-03-08 15:15:59
(5 years ago)
Affected Products
Loading...
Loading...
Loading...
Configuration #1
|
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...