CVE-2014-2873 in Commonspot Content Serverinfo

Summary

PaperThin CommonSpot before 7.0.2 and 8.x before 8.0.3 does not require authentication for access to log files, which allows remote attackers to obtain sensitive server information by using a predictable name in a request for a file.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

Reservation

04/15/2014

Disclosure

04/15/2014

Moderation

VulDB entry created

Entries

1: VDB-69359

CPE

ready

CWE

CWE-200 (Confirmed)

CVSS

4.3

EPSS

0.00315

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2014-2873
NVD	https://nvd.nist.gov/vuln/detail/CVE-2014-2873
CVE Details	https://www.cvedetails.com/cve/CVE-2014-2873/

◂ Previous Overview Next ▸

Want to stay up to date on a daily basis?

Enable the mail alert feature now!